Linux and SSL certificates.
Alexander Dalloz
ad+lists at uni-x.org
Thu Apr 21 16:23:18 UTC 2005
Am Do, den 21.04.2005 schrieb Aleksandar Milivojevic um 17:41:
> akonstam at trinity.edu wrote:
> > However, under Linux the ipop, imap, etc certificates are in
> > /usr/share/ssl/certs and the https certificate is in a completely
> > different place.
[ ... ]
> If you don't want to change default configuration (don't see any reason
> why you wouldn't want to do it, but that is your call), just create
> symbolic links or make copy of the files wherever the application
> expects the certificate to be.
> Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
But keep care for the CN setting inside the certificate. If it does not
match your service's hostname the client always will or should complain
with a warning (browser popup, even deny of service is possible [think
OE/Outlook does this with mail]). For multiple CN handling you may have
a look at:
http://wiki.cacert.org/wiki/VhostTaskForce
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp
Serendipity 18:18:56 up 9 days, 14:59, load average: 0.32, 0.53, 0.60
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050421/85964378/attachment-0001.sig>
More information about the fedora-list
mailing list