Hi, Just to remind everyone considering OpenXPKI for running their own PKI:
It is perfectly OK to use shortcuts to get things up and running quickly in order to learn how the software works, BUT - the sample config script is just that, it produces a sample configuration to get things up and running quickly - the sample config script IS NOT INTENDED to provide you with a configuration which can blindly be used in production, and WE DO NOT RECOMMEND TO USE IT THIS WAY - the fact that the sample config script uses hardcoded passphrases should emphasize that - if you are taking precautions to have the script generate random passphrases and end up putting these random passphrases in your configuration... then you are most probably not using the sample config script for testing purposes and you should seriously reconsider what you are doing Setting up a PKI, your processes and key management right takes preparation, planning and proper execution. OpenXPKI is a very powerful and flexible software. It is certainly capable of providing reliable and secure PKI services in professional environments, but it is incorrect to assume that there is a turnkey solution for that. Cheers Martin _______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
