[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#909341: easy-rsa: use OpenSSL 1.1.1 .include directive in easyrsa-openssl.cnf



Package: easy-rsa
Version: 3.0.4-2
Severity: wishlist

The easyrsa-openssl.cnf file created by make-cadir is a copy of the
default easy-rsa openssl-easyrsa.cnf file. I think it would be better
to generate an openssl-easyrsa.cnf that uses the OpenSSL 1.1.1 .include
directive to include the default file and then allow admins to add
lines overriding the defaults. This way if the defaults change, they
also get automatically updated for existing easy-rsa managed dirs.

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages easy-rsa depends on:
ii  openssl  1.1.1-1

Versions of packages easy-rsa recommends:
pn  opensc  <none>

easy-rsa suggests no packages.

-- no debconf information

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: