[CentOS] https and self signed

Gordon Messmer gordon.messmer at gmail.com
Thu Jun 16 20:00:28 UTC 2016


On 06/16/2016 11:23 AM, Valeri Galtsev wrote:
> as the one who has to handle quite a
> few certificates, I only will go with certificates valid for a year,
> ...do I miss something?).


Yes.  The tool that creates certificate/key pairs, submits the CSR, and 
installs the certificate is intended to be fully automated.  In 
production, you should be running it as an automatic job.

As someone who handles a lot of certificates, I can't imagine why I'd 
want any other CA to handle my certs (excluding the EV certs).




More information about the CentOS mailing list