Timothy J Miller wrote, On 04/01/2008 09:34 AM:
On Apr 1, 2008, at 7:53 AM, Todd Denniston wrote:
also don't forget to use redhat's undocumented tool "certutil" to
stuff the CA's in the appropriate barely documented nssdb place.
Alternatively, load trust in Firefox and copy the db's from your profile
into place. :)
But wouldn't that get some of the other CA's like Thawte, USPS and VeriSign
that you may not want to trust allowing folks into your box?
Granted, your /etc/passwd|yp domain|LDAP should only have common names for the
folks you want in, but these other CA's could issue certs for the same common
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter
Coolkey-devel mailing list