after finally cert are moved under /etc(/pki...) which should have been done for a long time ago, it's not clear to me. if there is a dir /etc/pki/CA then why ca-bundle.crt put under /etc/pki/tls/certs (in openssl)? what is the new proposed 'standard'? for me it's totaly irrelevant what is the standard (anything else than /usr/share/ssl is better), but i'd like to know it. is there any docs about it? if ca-bundle.crt than eg. my CA should have to put into /etc/pki/tls/certs or /etc/pki/CA?
at the same time openssl's Makefile still create certs into
/etc/httpd/conf/ssl.xxx/
and the CA scripts still use the old hierarchy under /etc/pki/CA.
so what is the current situation?
thanks in advance.
yours.
-- Levente "Si vis pacem para bellum!"
