Re: Using the SSL snakeoil certificate
James Westby schrieb:
On (03/07/06 23:34), Petter Reinholdtsen wrote:
[Jaldhar H. Vyas]
Is this is a good idea for Debian? I think it is but it doesn't make
sense to switch dovecot over unless all the other ssl-cert using
packages also do it. Is this possible in the etch timeframe?
Yes, it is a good idea to make the SSL certificate handling in Debian
packages more consistent. In Debian-Edu, we install and automatically
configure several services with SSL certiciates, like imap, ldap and
webmin, and it is a pain to handle all the ways SSL-certificates are
So, as this proposal seemed to provoke a response that was somewhere
between non-caring and enthusiastic I thought I would look in to the
possibility of doing this.
An estimate of the pacakages that generate a certificate in postinst
(lets hope there are none that include them in the package) I tried:
$ grep-available -FDepends openssl -sPackage -n | sort
Well there are a number of packages out there that can use X509 Certs
but don't do so now as per default for example lighttpd.
racoon seems to be missing as well but it doesn't look to be in good
shape (in testing) anyway.
I'd like to help but I'm not a DD.