Public key infrastructure
Ralf Ertzinger
fedora at camperquake.de
Wed Jul 26 07:27:32 UTC 2006
Hi.
On Wed, 26 Jul 2006 09:20:23 +0200, Peter Rockai wrote:
> They are generated in %post, see the last paragraph. The files
> probably show up in rpm lists because they are marked
> ghost/noreplace/missingok config files.
This may be a wild idea, but how about creating a self signed
CA (by %post in the package which owns /etc/pki), and have all
other programs that need certificates automatically create certificates
under that CA?
So all autocreated ceritificates are still not "valid" in the sense
that they can be validated by an outsider, but at lease all have
the same root.
More information about the fedora-devel-list
mailing list