Sorry - not clear. What I meant was that in this case I ran openssl on Linux, not on Windows as Charles thought.

What if I deleted the CA key file after creating the one web cert I needed? That would probably solve the security issue Charles mentioned, but then I would need a long-term web cert, maybe not possible anymore with the browser cap you mentioned.

On 8/29/2023 12:08 PM, Grant Taylor wrote:
On 8/29/23 12:07 PM, Tom Brennan wrote:
All true I think, except it's openssl on Linux not Windows.

OpenSSL is multi-platform and can run on Windows a myriad of ways, if not natively.

Aside:  The Enterprise CA can also be done with things other than OpenSSL.




----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Reply via email to