[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] pulp certificates



On 08/23/2010 11:40 AM, Jeff Ortel wrote:


On 08/23/2010 09:39 AM, Bryan Kearney wrote:
On 08/23/2010 10:00 AM, Jeff Ortel wrote:
All,

I propose we move to combining the private key and certificates into a
single PEM encoded file. This is a very common practice in PKI. It seems
cleaner and would require less files to manage. I verified that having
the key and cert combined in a single file is supported by both yum and
M2Crypto. Moving to the combined file would reduce the number of CLI
arguments and allow us to store (1) certificate property in each Repo
object.

Thoughts? Objections?


Would you do this across all certs (identity, entitlement, content)?

Yes, I would like to.

Also, we agreed (at one time) to refit RHSM to combine the certificates.
I still intend to follow up on that as well. That way for kalpana, we'll
be handling keys and certificates the same way across the board.



I am all for it. We have looked at changing puppet to use the identity certs as well.. I would be interested in testing that first. Could I have a few days to do that?

-- bk


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]