[Pulp-list] Qpid SSL on Pulp 2.4
Randy Barlow
rbarlow at redhat.com
Tue Oct 28 14:22:56 UTC 2014
On 10/28/2014 09:04 AM, Ashby, Jason (IMS) wrote:
> Add your root and intermediary CA's to system CA bundle (copy ca-bundle.crt out to all consumers too):
>
> openssl x509 -in /etc/pki/pulp_certs/rootca.crt -text >> /etc/pki/tls/certs/ca-bundle.crt
> openssl x509 -in /etc/pki/pulp_certs/pulpca.crt -text >> /etc/pki/tls/certs/ca-bundle.crt
Also, just for the sake of all the readers on this list, be aware that
adding CAs to your system is inherently a risky activity. If anyone is
able to get the key for the CAs you install, they can mimic any host on
the Internet. It's extremely important to only install CAs from sources
that you have absolute trust in, and if that source is yourself it's
imperative to keep the key secret.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20141028/c8e7a81c/attachment.sig>
More information about the Pulp-list
mailing list