Mailinglist Archive: opensuse (769 mails)

< Previous Next >
[opensuse] certifcates

I'm currently wondering where the "correct" location is in Leap 42.1 to
save server certificates and keys.
I think I heard that /etc/ssl/certs is not to be used because updates
might overwrite the content.
So I saved both into /etc/ssl/private but quickly ran into another
issue. /etc/ssl/private is only readable by root. I need in this case
access for "ldap" to read the key and certificate and used setfacl to
give read access to that user.
Now apparently the openssl update which came in changed the directory
permissions again so that ldap couldn't access /etc/ssl/private anymore.

Therefore the simple question:
Somebody must have thought about where to save those certificates and
how to secure access to them.

Any pointer?

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups