On 06/10/15 14:38, Raphael Hertzog wrote: > Hi, > > On Mon, 05 Oct 2015, Daniel Pocock wrote: >> There is already some detail in the Postfix section (chapter 11), that >> could be taken out and replaced with a link to the new section on this. > > In fact we do have a section on easy-rsa, within the OpenVPN section: > https://debian-handbook.info/browse/jessie/sect.virtual-private-network.html#sect.openvpn >
I had seen that, it is useful but it is not a comprehensive treatment of the topic either, I really feel it is a good idea to get everything about certificates into a single section or appendix. As I mentioned in the debian-devel thread[1] and ssl-cert bug[2], we don't seem to have a documented standard for certificate locations (Fedora is a little more precise about it in their documents[3] and the structure they use under /etc/pki). Therefore, it is something that may only become standardized from stretch. I wasn't thinking that this would be easy to deal with in the jessie version of the handbook. 1. https://lists.debian.org/debian-devel/2015/07/msg00024.html 2. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790943 3. https://fedoraproject.org/wiki/Features/SharedSystemCertificates
