Enhancement #258
closed
Add most SSL certs on Thorfinn by default
100%
Description
Currently, only a few certificates are allowed on Thorfinn. However, as it provides shell access to users (who potentially have screens and IRC clients running), it is not really user-friendly even if it is the most secure way. Perhaps, services such as jabber could just add /usr/local/share/ca-certificates and the defaults would use /usr/share/ca-certificates.<
Updated by Marc Dequènes over 12 years ago
- Category set to Service :: IS / AAA / PKI
- Status changed from New to Blocked
- Assignee set to Marc Dequènes
- Security changed from No to Yes
ejabberd is the only problematic service on this host. 2.1.9, which has just been released, has a new option to specify the certfile. I'll do the upgrade and configuration as soon as this new version is packaged.
Then, i'll be able to switch back to full broken certs support, as an exception for this host.
And the admin and user documentation should really be updated.
Updated by Marc Dequènes over 12 years ago
- Status changed from Blocked to Resolved
- % Done changed from 0 to 100
resolved a while ago