[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] pulp certificates





On 08/23/2010 09:39 AM, Bryan Kearney wrote:
On 08/23/2010 10:00 AM, Jeff Ortel wrote:
All,

I propose we move to combining the private key and certificates into a
single PEM encoded file. This is a very common practice in PKI. It seems
cleaner and would require less files to manage. I verified that having
the key and cert combined in a single file is supported by both yum and
M2Crypto. Moving to the combined file would reduce the number of CLI
arguments and allow us to store (1) certificate property in each Repo
object.

Thoughts? Objections?


Would you do this across all certs (identity, entitlement, content)?

Yes, I would like to.

Also, we agreed (at one time) to refit RHSM to combine the certificates. I still intend to follow up on that as well. That way for kalpana, we'll be handling keys and certificates the same way across the board.


-- bk

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]