rawhide report: 20050422 changes
Tomas Mraz
tmraz at redhat.com
Fri Apr 22 16:07:37 UTC 2005
On Fri, 2005-04-22 at 17:24 +0200, D. Stolte wrote:
> Tomas Mraz wrote:
> > On Fri, 2005-04-22 at 16:37 +0200, D. Stolte wrote:
> >
> >>>openssl-0.9.7f-4
> >>>----------------
> >>>* Thu Apr 21 2005 Tomas Mraz <tmraz at redhat.com> 0.9.7f-4
> >>>- move certificates to _sysconfdir/pki/tls (#143392)
> >>>- move CA directories to _sysconfdir/pki/CA
> >>>- patch the CA script and the default config so it points to the
> >>> CA directories
> >>
> >>some questions:
> >>- Why and who chose /etc/pki/tls as openssl dir? redhat has to be
> >>special again?
> >
> > See this discussion: https://www.redhat.com/archives/fedora-
> > maintainers/2005-April/msg00059.html
>
> Ok, thanks. Makes sense.
>
> >>- the patch to openssl.conf regarding the base ca dir ../../CA doesnt
> >> look correct. Isnt it ./../CA ?
> >
> > No, the CA directory is not in the tls subdir because it presents a
> > special functionality useful not only for TLS and it isn't part of non-
> > rpm openssl installation.
> >
>
> Yes, i understand why the CA dir is outside the tls dir but the relative
> path in the openssl.cnf points to /etc/CA. I dont think that *this* is
> intended.
It actually points to a directory relative to a CWD where the openssl
binary is run and in this case it is run in the /etc/pki/tls/misc.
However maybe it should be patched with an absolute path instead?
--
Tomas Mraz <tmraz at redhat.com>
More information about the fedora-devel-list
mailing list