Re: Using the SSL snakeoil certificate

To: Brian May <bam@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Using the SSL snakeoil certificate
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sun, 2 Jul 2006 21:49:15 -0300
Message-id: <[🔎] 20060703004915.GE29292@khazad-dum.debian.net>
In-reply-to: <[🔎] sa4mzbrv9v8.fsf@snoopy.microcomaustralia.com.au>
References: <Pine.LNX.4.64.0606301049500.29534@jaldhar-laptop> <[🔎] sa4mzbrv9v8.fsf@snoopy.microcomaustralia.com.au>

On Mon, 03 Jul 2006, Brian May wrote:
> I don't expect such a system to implement virtual hosting without
> system administrator intervention, but a naming convention for the files

We must make this intervention easy, but other than that...

> that supports virtual hosts would be even better IMHO, e.g.:
> 
> /etc/.../$hostname/...
> 
> Where hostname is the name of the host identified by the
> certificate. That way adding/removing other certificates is easy.

I very much doubt it would be easy to get the many APPs to expand that
"$hostname"...

IMHO we will be best served by going simple on this one and providing a
boxed solution for single-certificate-per-host only.

The much safer and saner per-service-certificate-per-host will require
per-service configuration anyway...

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Re: Using the SSL snakeoil certificate
  - From: Brian May <bam@debian.org>

Prev by Date: Re: ITP: openwatcom -- C/C++ compiler and IDE that produce efficient, portable code
Next by Date: Re: ITP: openwatcom -- C/C++ compiler and IDE that produce efficient, portable code
Previous by thread: Re: Using the SSL snakeoil certificate
Next by thread: Re: Using the SSL snakeoil certificate
Index(es):
- Date
- Thread