Re: Self-signed TLS certificates (Minimal setup)

2018-07-13 Thread Olivier
Danny Horne writes: > On 24/01/18 16:37, Dirk Stöcker wrote: >> It's not sooo complicated: >> >> Short guide for UNIXoid systems: >> > After a long gap (and a recent server rebuild), I've revisited this and > after a few false starts think I've created the CA and server > certificates correctly u

Re: Self-signed TLS certificates (Minimal setup)

2018-07-13 Thread Danny Horne
On 24/01/18 16:37, Dirk Stöcker wrote: > It's not sooo complicated: > > Short guide for UNIXoid systems: > After a long gap (and a recent server rebuild), I've revisited this and after a few false starts think I've created the CA and server certificates correctly using Dirk's instructions.  On impl

Re: Self-signed TLS certificates (Minimal setup)

2018-01-25 Thread Dirk Stöcker
On Wed, 24 Jan 2018, Harald Koch wrote: It's not sooo complicated: The length of your message contradicts that statement. Well, I assumed that for people who operate a proper postfix instance 3 different command sets and creating two files isn't complicated. If that assumption is untrue an

Re: Self-signed TLS certificates (Minimal setup)

2018-01-24 Thread Harald Koch
On Wed, Jan 24, 2018, at 08:37, Dirk Stöcker wrote: > > It's not sooo complicated: The length of your message contradicts that statement. (These days I recommend https://github.com/square/certstrap because it's easily scripted. I'm currently using it in several ansible playbooks, for example.)

Re: Self-signed TLS certificates (Minimal setup)

2018-01-24 Thread Dirk Stöcker
On Wed, 24 Jan 2018, Viktor Dukhovni wrote: One may want to start with "umask 077", to avoid creating world-readable private key files. This should not be necessary with OpenSSL 1.1.0 and later, but older versions (e.g. OpenSSL 1.0.2) create all output files with default permissions, constraine

Re: Self-signed TLS certificates (Minimal setup)

2018-01-24 Thread Viktor Dukhovni
> On Jan 24, 2018, at 11:37 AM, Dirk Stöcker wrote: > > 1) Create a new CA (only once - it is a good idea to add a date in name, in > case you have to change it later): > openssl req -new -x509 -nodes -subj > '/C=DE/ST=Germany/L=Berlin/O=Company/CN=Company Root Certificate > 2018/emailAddres

Re: Self-signed TLS certificates (Minimal setup)

2018-01-24 Thread Dirk Stöcker
On Wed, 24 Jan 2018, Danny Horne wrote: On 22/01/2018 3:52 pm, Viktor Dukhovni wrote: On Jan 22, 2018, at 10:06 AM, Danny Horne wrote: Private CA sounds interesting, will have to read up about it You can get away with a lot less complexity than the usual OpenSSL CA. See, for example: h