[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using the SSL snakeoil certificate



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am Do den 20. Jul 2006 um 11:24 schrieb Martin Schulze:
> > [one cert for all services]
> I believe that this is a good idea, however, I would like to propose a
> slightly different approach.
> 
> At the moment, it seems that all applications use their own
> certificates and maybe also create them upon installation or rather
> configuration.

I like this idea mentioned above. Isn't it easy to ask the admin in
debconf for every service if he want separate certs or all linked
together?

> Hence, I propose to stay with virtual per-service certificates, but to
> link them to the common snakeoil certificate from ssl-certificates
> during configuration and only if there is no other setting.

That would be another way.

Regards
   Klaus Ethgen
- -- 
Klaus Ethgen                            http://www.ethgen.de/
pub  2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE  EA 40 30 57 3C 88 26 2B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRL+ftp+OKpjRpO3lAQJtJgf+M4e/D970JQZDTbUg00z4PTBVD0ts7Hex
XffYVpJt+dhQzXh2ljO/7vuqH2wxWvSuxevix4QSpAeJl9RpFceFsgMerpT7rqIv
lPzo+JljGeWQb02kNnRZE8aRhNjsesEBr6RIDwRnB8+zKgxzTKOqdH0pvi3iTkUB
39fBJ1v3NcYxc7DDwRWcG1Aw9I6yJgsMGexiQs0w/OZ9yY3aE8HQuyiaPhy7UnJr
FvJyO2Ddv4AOMXxVIf2PRpcGsbKf0y0mX30mVVL3FzW+qPPC8PBeM/iAnex+oZGL
wrWsdvzk3L93KMaS2EdgwW+k/0AnwPq6XNj+0XoWZJIuljHLr9xPJw==
=a/xx
-----END PGP SIGNATURE-----



Reply to: