Yo Richard! On Thu, 31 Jan 2019 19:48:37 -0600 Richard Laager via devel <devel@ntpsec.org> wrote:
> On 1/31/19 7:28 PM, Hal Murray via devel wrote:
> > I'm looking for a way to test without a domain.
> The problem with using a self-signed certificate is that it won't
> validate.
Maybe, ways around it, and not required.
> So you either need a configuration option to tell ntpd to
> ignore the NTS-KE server's certificate failure, or you actually need
> to setup your own private CA.
Both easy.
But Let's Encrypt (LE) is even easier, why bother?
> Such a confirmation option may be desirable for testing. But it's also
> an attractive nuisance.
Yes, LE is best if you have a FQDN.
> In a world where certificates are available
> for free from Let's Encrypt, I'm not sure it's necessary. I know that
> you are personally looking to do this without a domain, but how
> common are people who are _both_ looking to run an NTP server _with
> NTS_ and do not have a domain?
And not have a stable FQDN.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpwsDNnhKF2L.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
