[Pulp-list] pulp certificates
Jeff Ortel
jortel at redhat.com
Mon Aug 23 15:36:49 UTC 2010
On 08/23/2010 09:39 AM, Bryan Kearney wrote:
> On 08/23/2010 10:00 AM, Jeff Ortel wrote:
>> All,
>>
>> I propose we move to combining the private key and certificates into a
>> single PEM encoded file. This is a very common practice in PKI. It seems
>> cleaner and would require less files to manage. I verified that having
>> the key and cert combined in a single file is supported by both yum and
>> M2Crypto. Moving to the combined file would reduce the number of CLI
>> arguments and allow us to store (1) certificate property in each Repo
>> object.
>>
>> Thoughts? Objections?
>>
>
> Would you do this across all certs (identity, entitlement, content)?
Yes, I would like to.
Also, we agreed (at one time) to refit RHSM to combine the certificates. I still intend
to follow up on that as well. That way for kalpana, we'll be handling keys and
certificates the same way across the board.
>
> -- bk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5126 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20100823/3c2f13b5/attachment.p7s>
More information about the Pulp-list
mailing list