On 10/28/2014 09:04 AM, Ashby, Jason (IMS) wrote: > Add your root and intermediary CA's to system CA bundle (copy ca-bundle.crt > out to all consumers too): > > openssl x509 -in /etc/pki/pulp_certs/rootca.crt -text >> > /etc/pki/tls/certs/ca-bundle.crt > openssl x509 -in /etc/pki/pulp_certs/pulpca.crt -text >> > /etc/pki/tls/certs/ca-bundle.crt
Also, just for the sake of all the readers on this list, be aware that adding CAs to your system is inherently a risky activity. If anyone is able to get the key for the CAs you install, they can mimic any host on the Internet. It's extremely important to only install CAs from sources that you have absolute trust in, and if that source is yourself it's imperative to keep the key secret.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
