Def. Quota Gerald Vogt <v...@spamcop.net>:
On 09.05.2013 23:47, Benedetto Vassallo wrote:
1) Is it possible to use the same certificate inside spacewalk (e.g.
osad)? If yes, how I can generate a certificate like
RHN-ORG-TRUSTED-SSl-CERT starting from my .pem files?
a. you should not confuse server and client sides.
b. remember all certificate paths can be configured, i.e. the
certificate chain checked is not necessarily in RHN-ORG-TRUSTED-SSl-CERT
c. The whole purpose of the certificate chain on the client is to verify
the server, i.e. it must match.
d. The certificate chain is simply a collection of all CA in the chain
from the server certificate to the root. If you have your own
self-signed CA to issue certificates it would be only this CA cert.
2) If is not possible, is it safe to use my certificate in apache
ssl.conf and the original RHN-ORG-TRUSTED-SSl-CERT inside spacewalk or I
can broken something with this?
It may be possible (although I hope it's not. but I haven't tried).
IMHO, this kind of setup would defy the whole purpose of the
certificates: The client would not be able to verify the server...
-Gerald
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
Thank you all for the replies.
I realize maybe it's better if I don't touch anything if I don't
really know what I'm doing.
Best regards.
--
Benedetto Vassallo
Sistema Informativo di Ateneo
Settore Gestione Reti Hardware e Software
U.O.B. Sviluppo e manutenzione dei sistemi
Università degli studi di Palermo
Phone: +3909123860056
Fax: +390916529124
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
