[Spacewalk-list] Auto-deploying renewed cert
Daryl Rose
darylrose at outlook.com
Thu Oct 5 17:52:54 UTC 2017
Avi,
To the best of my knowledge, the CA is not changing. So, even though the cert expires, I don't have to push out a new cert with the updated expiration date? That would be great.
I just got my first taste of Let's Encrypt a couple of day's ago. I implemented it on a site that I do for a veterans group that I belong to. I had to use an acme client, as we're in a shared hosting environment and I don't have root access. It took me a couple of try's, but I eventually got it working and now our site is secure.
As always, thank you for you help, and the write ups that you do.
Daryl
________________________________
From: spacewalk-list-bounces at redhat.com <spacewalk-list-bounces at redhat.com> on behalf of Avi Miller <avi.miller at oracle.com>
Sent: Wednesday, October 4, 2017 5:50 PM
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] Auto-deploying renewed cert
Hi,
> On 4 Oct 2017, at 12:46 pm, Daryl Rose <darylrose at outlook.com> wrote:
>
> I'm using a signed cert, which is scheduled to expire at the end of the year. I have over 800 clients in SW. Is there a way to auto-deploy the cert? I want to start planning now so I don't end up with a bunch of broken connections.
Assuming the CA doesn't change, i.e. you're just renewing the certificate using your existing CA, you don't have to deploy anything. The clients only need the CA certificate deployed and it's unlikely that's changing.
This is why I was happy writing my Using Let's Encrypt with Spacewalk[1] how-to, because the CA doesn't change even though the certificates are renewed every 90 days.
Cheers,
Avi
[1] https://omg.dje.li/2017/04/using-lets-encrypt-ssl-certificates-with-spacewalk/
[https://www.gravatar.com/avatar/f88111a49c7bb1acef0ddccea9c77c1e?s=640]<https://omg.dje.li/2017/04/using-lets-encrypt-ssl-certificates-with-spacewalk/>
Using Let's Encrypt SSL Certificates with Spacewalk<https://omg.dje.li/2017/04/using-lets-encrypt-ssl-certificates-with-spacewalk/>
omg.dje.li
By default, Spacewalk creates and uses self-signed certificates for its SSL configuration. This requires the end-user to accept and trust the CA certificiate created ...
--
Oracle <http://www.oracle.com>
Oracle | Integrated Cloud Applications and Platform Services<http://www.oracle.com/>
www.oracle.com
Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.
Avi Miller | Product Management Director | +61 (3) 8616 3496
Oracle Linux and Virtualization
417 St Kilda Road, Melbourne, Victoria 3004 Australia
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
Spacewalk-list Info Page - Red Hat<https://www.redhat.com/mailman/listinfo/spacewalk-list>
www.redhat.com
Red Hat Linux is the centerpiece of a complete solution that includes software, support, training, and services. We feature a broad range of solutions to serve a ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20171005/5b4d61c1/attachment.htm>
More information about the Spacewalk-list
mailing list