Timothy Murphy-5 wrote: > > I'm trying to work out if /etc/pki/tls/openssl.cnf > is actually used, and if so how one should edit it. > The file provided with Fedora says it is an "example", > and says, inter alia, > dir = ../../CA # Where everything is kept > although in my case at least this directory is empty. > > I glanced through openssl documentation, > but did not see any mention of this particular file. > > Perhaps there is some document that would explain to me > the purpose of this file? > > Presumably this works in a similar way to the dovecot equivalent at /etc/pki/dovecot/dovecot-openssl.cnf In the dovecot case there is a nice certificate generator secretly buried at /usr/libexec/dovecot/mkcert.sh that will execute the generation of dovecot certs based on the content of the dovecot-openssl.cnf file. I don't know if there is an equivalent for the tls directory that you quote but no doubt someone who has used this in earnest will chip in here and say how it is used! -- View this message in context: http://www.nabble.com/What-is-openssl.cnf-for--tp24365184p24374430.html Sent from the Fedora List mailing list archive at Nabble.com. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
