On (03/07/06 23:34), Petter Reinholdtsen wrote:
[Jaldhar H. Vyas]
Is this is a good idea for Debian? I think it is but it doesn't make
sense to switch dovecot over unless all the other ssl-cert using
packages also do it. Is this possible in the etch timeframe?
Yes, it is a good idea to make the SSL certificate handling in Debian
packages more consistent. In Debian-Edu, we install and automatically
configure several services with SSL certiciates, like imap, ldap and
webmin, and it is a pain to handle all the ways SSL-certificates are
generated. :)
So, as this proposal seemed to provoke a response that was somewhere
between non-caring and enthusiastic I thought I would look in to the
possibility of doing this.
An estimate of the pacakages that generate a certificate in postinst
(lets hope there are none that include them in the package) I tried:
$ grep-available -FDepends openssl -sPackage -n | sort
apache-ssl
apache2-common
ca-certificates
courier-imap-ssl
courier-ssl
dovecot-common
dsniff
ejabberd
exim-tls
freeswan
ftpd-ssl
httping
ipopd
libapache-mod-ssl
libmultisync-plugin-syncml
nessusd
openoffice.org-core
partimage-server
python-pyopenssl
ssl-cert
ssleay
sslwrap
stone-ssl
stunnel
stunnel4
telnetd-ssl
tinyca
ultrapossum-tls
usermin
uw-imapd
webmin