rpms / httpd

Clone
Source Code
GIT

f0c4143 Generate SSL keys on service start

5 files Authored by sgallagh 6 years ago, Committed by jorton 6 years ago,
raw patch tree parent
5 files changed. 55 lines added. 35 lines removed.
httpd-init.service
file added
+12
httpd-ssl-gencerts
file added
+24
httpd.service
file modified
+2 -1
httpd.spec
file modified
+16 -33
ssl.conf
file modified
+1 -1 
    Generate SSL keys on service start
    
    This defers the creation of self-signed SSL certificates to the
    first time that httpd starts up. This has several advantages:
    
    * Waiting until the first boot will help avoid some issues with
      limited entropy in the install process.
    * The certificates can be regenerated automatically whenever they
      are removed, which helps with tools such as virt-sysprep
    * The certificates are now generated by SSCG, which produces a
      limited-trust CA alongside it that can be safely imported by a
      client.
    
    For more information on SSCG, see:
    https://sgallagh.wordpress.com/2016/05/02/self-signed-ssltls-certificates-why-they-are-terrible-and-a-better-alternative/
    
    Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
file added
+12
file added
+24
file modified
+2 -1
file modified
+16 -33
file modified
+1 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.