[Bug 1290] New: pregeneerated certificate handeling in Debian Edu should be improved.

To: debian-edu@lists.debian.org
Subject: [Bug 1290] New: pregeneerated certificate handeling in Debian Edu should be improved.
From: bugzilla-skolelinux@maintainer.skolelinux.no
Date: Tue, 27 Nov 2007 18:34:01 +0100
Message-id: <[🔎] E1Ix4Jt-0003t7-M4@maintainer.skolelinux.no>

http://bugs.skolelinux.no/show_bug.cgi?id=1290

           Summary: pregeneerated certificate handeling in Debian Edu should
                    be improved.
           Product: Skolelinux
           Version: etch-alpha
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: enhancement
          Priority: P4
         Component: debian-edu-config
        AssignedTo: debian-edu@lists.debian.org
        ReportedBy: ronny@skolelinux.org


The default certificate created by debian's tools uses by default the hostname
(tjener.intern) and is only valid for 1 month. The resoning is ofcourse that
certificates are site spesific and should be generated by the admin. 

But for the default internal network used in Debian Edu we want to  provide a
more permanent certificate, that can be valid for all the aliases and services.

Hess and Werner, suggest using [1 Subject alternative names] 

a fall back approch can be to use wildcard certificate *.intern and have all
services use fqdn. suggested by akai
 
[1]http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_

Ronny



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Reply to:

Prev by Date: [Bug 1267] document workaround?: Installing Workstation keeps failing
Next by Date: [Bug 1270] samba groupmaps are missing after installation
Previous by thread: [Bug 1270] (p2 after r1) samba groupmaps are missing after installation
Next by thread: [Bug 1284] TC don't boot through with 3COM NIC
Index(es):
- Date
- Thread