[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux and SSL certificates.



Am Do, den 21.04.2005 schrieb Aleksandar Milivojevic um 17:41:

> akonstam trinity edu wrote:
> > However, under Linux the ipop, imap, etc certificates are in
> > /usr/share/ssl/certs and the https certificate is in a completely
> > different place.

[ ... ]

> If you don't want to change default configuration (don't see any reason 
> why you wouldn't want to do it, but that is your call), just create 
> symbolic links or make copy of the files wherever the application 
> expects the certificate to be.

> Aleksandar Milivojevic <amilivojevic pbl ca>    Pollard Banknote Limited

But keep care for the CN setting inside the certificate. If it does not
match your service's hostname the client always will or should complain
with a warning (browser popup, even deny of service is possible [think
OE/Outlook does this with mail]). For multiple CN handling you may have
a look at:

http://wiki.cacert.org/wiki/VhostTaskForce

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp 
Serendipity 18:18:56 up 9 days, 14:59, load average: 0.32, 0.53, 0.60 

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]