[CentOS] Why is localhost self-signed cert a CA cert?

Craig White craig.white at ttiltd.com
Tue Jan 8 23:31:14 UTC 2013


On Jan 8, 2013, at 4:27 PM, Robert Moskowitz wrote:

> On 01/08/2013 05:07 PM, Gordon Messmer wrote:
>> On 01/08/2013 11:49 AM, Robert Moskowitz wrote:
>>> Why was this chosen?  Why is not -extensions v3_req used in the
>>> certificate creation?
>> Because it has to be able to sign itself?
> 
> I just checked a couple RFCs. If this is a root CA cert, of course it is 
> self-signed. By definition.
> 
> But a self-signed server cert is not a CA root cert....
----
it is a CA root certificate if I say it is.

Craig



More information about the CentOS mailing list