On Tue, 2004-12-21 at 17:01 -0500, Colin Walters wrote: > On Tue, 2004-12-21 at 21:28 +0100, Enrico Scholz wrote: > > > A better place for the certificates would be somewhere under /etc. Agreed. > Longer term, I think we really want a more formal certificate management > system, with a defined interface for installing a certificate on the > system (or for a specific user), removing certificates, granting access > to certain certificates to particular daemons, creating a new CA, etc. Also agreed. As it was I just copied the %post script from dovecot, but I note that mod_ssl does it differently. > A first step at this could be a utility like install-certificate that > just dropped certs into a well-defined directory in /etc. Provide a patch which adds this to the openssl package, I suppose. Once this exists we can fix the Exim/dovecot/etc RPMs to use it. -- dwmw2
