Joe Orton wrote: > 1. certificate storage is split between /etc/httpd/conf/ssl.* > for mod_ssl-specific stuff, and and /usr/share/ssl for system-wide > 2. ... and /usr/share/ssl is Very Wrong for "config data" like certs > 3. increasing number of daemon packages are creating self-signed > certs in %post scripts; could/should this be unified? For what it's worth, Debian puts its certs in /etc/ssl/certs. There may be a problem with apache accessing files in /etc/ssl because of SELinux, but I don't know much about SELinux yet. Having the contents of /usr/share/ssl in /etc would be nice, since it's mainly config files (except the scripts). Regards, Aurélien -- http://gauret.free.fr ~~~~ Jabber : gauret@xxxxxxxxxxxxx No, I coded it crappily on purpose, just so that I could say "There's plenty of room for optimization."
