Am Montag, 20. April 2020, 20:58:12 CEST schrieb Christian:
Hi,
Am 20.04.20 um 20:19 schrieb Srinidhi B:
Yes, this is why I had requested [1] you to run "osc signkey --sslcert --create" command. This will create a SSL certificate for your project where you want to build your kernel / kernel module packages.
is it possible to have a global SSL certificate like I do have already with the GPG key ?
This is the gap, that I've tried to close.
will this command also create a GPG key for that project or only the SSL certificate ?
It will create both, an consequently revert your global GPG key settings. This is the reason, why I'm *unhappy* with this procedure.
Why do 'kernel stuff' need to have a x509 cert for signing, while for other packages it is fine to have just a GPG key ?
It's because of the shim/mokutil security circus, I guess.. Pete -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org