[Pulp-list] Devsetup certificates
Lukas Zapletal
lzap+fed at redhat.com
Thu Feb 17 13:35:41 UTC 2011
Hello,
I am a little bit confused about certificates in my developer setup
which I did according to the wiki pages.
If I search for SSL related configuration in my httpd I see this:
# grep -R crt /etc/httpd
/etc/httpd/conf/httpd.conf:AddType application/x-x509-ca-cert .crt
/etc/httpd/conf.d/pulp.conf:AddType application/x-x509-ca-cert .crt
/etc/httpd/conf.d/pulp.conf:SSLCACertificateFile /etc/pki/pulp/ca.crt
/etc/httpd/conf.d/ssl.conf:SSLCertificateFile
/etc/pki/tls/certs/localhost.crt
/etc/httpd/conf.d/ssl.conf:#SSLCertificateChainFile
/etc/pki/tls/certs/server-chain.crt
/etc/httpd/conf.d/ssl.conf:#SSLCACertificateFile
/etc/pki/tls/certs/ca-bundle.crt
The server cert is configured twice. I can see my httpd uses the one
configured in ssl.conf (/etc/pki/tls/certs/localhost.crt):
# openssl s_client -connect myhost:443
What is the /etc/pki/pulp/ca.crt for?
Thanks
--
Later,
Lukas "lzap" Zapletal
More information about the Pulp-list
mailing list