[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Public key infrastructure



Hi.

On Wed, 26 Jul 2006 09:20:23 +0200, Peter Rockai wrote:

> They are generated in %post, see the last paragraph. The files
> probably show up in rpm lists because they are marked
> ghost/noreplace/missingok config files.

This may be a wild idea, but how about creating a self signed
CA (by %post in the package which owns /etc/pki), and have all
other programs that need certificates automatically create certificates
under that CA?

So all autocreated ceritificates are still not "valid" in the sense
that they can be validated by an outsider, but at lease all have
the same root.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]