SSL cert/key location (was: rawhide report: 20041217 changes)
Colin Walters
walters at redhat.com
Tue Dec 21 22:01:20 UTC 2004
On Tue, 2004-12-21 at 21:28 +0100, Enrico Scholz wrote:
> A better place for the certificates would be somewhere under /etc.
Longer term, I think we really want a more formal certificate management
system, with a defined interface for installing a certificate on the
system (or for a specific user), removing certificates, granting access
to certain certificates to particular daemons, creating a new CA, etc.
And most importantly, get every application to use it. Right now it's
just crazy with applications dropping certificates in any random place
with ad-hoc access controls, and applications not using the same
verification chains.
A first step at this could be a utility like install-certificate that
just dropped certs into a well-defined directory in /etc.
More information about the fedora-devel-list
mailing list