From: "Michael Ströder" <michael@stroeder.com> To: galene@lists.galene.org Subject: [Galene] Re: Heads up: Galène generates self-signed certificates Date: Wed, 24 Feb 2021 22:57:30 +0100 [thread overview] Message-ID: <220c342f-4d94-2976-525b-f0a0e7d453e3@stroeder.com> (raw) In-Reply-To: <CAA93jw4U7wCKRyCv9WzqZTN_4SyrzFSuSARkJKPaK2EpT3K9sg@mail.gmail.com> On 2/24/21 10:29 PM, Dave Taht wrote: > I strongly agree with being able to generate a self signed cert. That's easy to do. > and asking folk to run the openssl command line is just asking for trouble. Really? > I vastly prefer to not register some things with any centralized > authority and explain to potential users that's why it isn't > registered and that the "invalid cert" thing is misleading. Being one who runs simple shell script CAs for all internal self-hosted stuff I definitely don't preach using public CAs everywhere. But I have too much experience to teach people what to do with certs in browsers and don't want to do that again for external Galène users. > I however wouldn't mind if that there was a command within galene to > fire off the lets encrypt facility if a box is on the public internet > and has working dns. shell out to acme, I think.... Re-reading cert.pem and key.pem for more convenient key rotation is already great. But leave the rest to developers of certbot or other ACME clients. IMHO there is way more important stuff to do. Ciao, Michael.
next prev parent reply other threads:[~2021-02-24 21:57 UTC|newest] Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-02-24 19:30 [Galene] " Juliusz Chroboczek 2021-02-24 19:47 ` [Galene] " Michael Ströder 2021-02-24 21:16 ` Juliusz Chroboczek 2021-02-24 21:24 ` Juliusz Chroboczek 2021-02-24 21:29 ` Dave Taht 2021-02-24 21:55 ` Toke Høiland-Jørgensen 2021-02-24 21:57 ` Michael Ströder [this message] 2021-02-24 22:25 ` Juliusz Chroboczek 2021-02-24 22:02 ` Juliusz Chroboczek 2021-02-24 21:44 ` Michael Ströder
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/ * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=220c342f-4d94-2976-525b-f0a0e7d453e3@stroeder.com \ --to=michael@stroeder.com \ --cc=galene@lists.galene.org \ --subject='[Galene] Re: Heads up: Galène generates self-signed certificates' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox