>>>>> "Jaldhar" == Jaldhar H Vyas <[EMAIL PROTECTED]> writes:
>> In an effort to clean up the SSL certificate mess on Ubuntu >> servers, we recently converted all our supported Server >> packages to make use of the ssl-cert package instead of >> creating a package-specific self-signed SSL certificate. This >> allows admins to easily replace the certificate with a 'real' >> one without touching dozens of configuration files, and also >> provides a consistent setup out of the box. Jaldhar> Is this is a good idea for Debian? I think it is but it Jaldhar> doesn't make sense to switch dovecot over unless all the Jaldhar> other ssl-cert using packages also do it. Is this Jaldhar> possible in the etch timeframe? I would really like it - I find it tedious configuring SSL certificates for each and every package, when they usually are the same... Having one copy reduces the chances of accidently storing a private key somewhere with inappropriate permissions. I don't expect such a system to implement virtual hosting without system administrator intervention, but a naming convention for the files that supports virtual hosts would be even better IMHO, e.g.: /etc/.../$hostname/... Where hostname is the name of the host identified by the certificate. That way adding/removing other certificates is easy. -- Brian May <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]