package: debian-handbook severity: wishlist
Add a section, chapter or appendix about certificate creation and management on Debian. The RTC Quickstart Guide has a chapter on the same topic, it is specific to RTC services (SIP, XMPP, TURN) http://rtcquickstart.org/guide/multi/tls.html For debian-handbook, it is probably necessary for the chapter to have slightly more scope, covering topics like: - VPN server and client certificates - HTTPS certificates - location of the files on Debian (recently discussed on debian-devel) - Let's Encrypt https://letsencrypt.org/ - comparison of the tools (OpenSSL, GnuTLS) - table comparing subjectAltName and wildcard certificates and how they work with each protocol (HTTPS, SIP, SMTP, XMPP, VPN) - protecting private key files, UNIX groups for sharing them between processes There is already some detail in the Postfix section (chapter 11), that could be taken out and replaced with a link to the new section on this.
