SSL cert/key location
Farkas Levente
lfarkas at bppiac.hu
Wed Dec 22 15:11:23 UTC 2004
Chris Adams wrote:
> Once upon a time, Axel Thimm <Axel.Thimm at ATrpms.net> said:
>
>>Indeed, I always wondered why the certificates had been put under
>>/usr/share/ssl and by whom. The FHS had been quite strict on this from
>>the very beginning.
>>
>>/etc seems a rather sane place. Perhaps /etc/ssl/?
>
>
> You'll need to modify OpenSSL to handle multiple "default" directories.
> Currently I think you can only specify a single directory for certs (the
> certs setting under the CA_default section in openssl.cnf).
> Applications use OpenSSL calls to validate the cert chain, so it'll need
> to look in the local directory (/etc/ssl/certs) first and then the other
> directory (/usr/share/ssl/certs) when walking the cert chain. The crl
why we need /usr/share/ssl/ at all? /etc/ssl would be enough (as one
directory)!
--
Levente "Si vis pacem para bellum!"
More information about the fedora-devel-list
mailing list