Michael Stenner wrote:
On Mon, Nov 20, 2006 at 06:35:59PM +0000, Ben Grommes wrote:
As far as I can tell there is no support in yum for validating the server cert
used by an https accessible yum repository. Can someone confirm that this is
indeed the case?
Specifically, I was looking for the ability to specify a trusted ca cert to
check the issuer of the ssl server cert against as part of establishing the
https connection.
James Bowes recently added M2Crypto support to urlgrabber. It's in
the most recent version, 3.1.0. However, it requires that M2Crypto be
available. Also, support doesn't currently exist at the yum level,
but I'm betting if you ask nicely, that could be made to happen.
It's possible that patches and/or plugins already exist to do it, but
I don't know about that.
-Michael
I posted a patch to yum-devel [1] that adds the rest of the bits to let
yum do cert checking with urlgrabber. It just adds an sslcacert option
for the repo config, which is the location of the cert on disk.
-James
[1]
https://lists.dulug.duke.edu/pipermail/yum-devel/2006-September/002617.html
_______________________________________________
Yum mailing list
Yum@xxxxxxxxxxxxxxxxxxxx
https://lists.dulug.duke.edu/mailman/listinfo/yum