[Dev] certificates have been renewed
fauno at kiwwwi.com.ar
Thu Feb 21 16:40:56 GMT 2013
Michał Masłowski <mtjm at mtjm.eu> writes:
>> and reloaded nginx (on both servers) and prosody. is something else
>> using tls? if not, why not? :P
> postfix on repo should be.
have you restarted it?
>> ps: hitting "renew" on cacert doesn't work, we have to generate a new
>> csr using the host key.
>> certtool -q --load-privkey=$host.key --outfile=$host.$today.csr
> Do we have a policy of replacing private keys?
i didn't replace them, but we have a key per host while we can have just
a parabola key (easier on configs?). what are you thinking?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 489 bytes
Desc: not available
More information about the Dev