On 17/02/2021 17:16, Christopher Schultz wrote:
> Mark,
> 
> Why not simply mint a self-signed cert that lasts a long time? They are
> self-signed so global trust isn't important. If global-trust isn't
> important then it's okay if someone "steals" them any time they like.

Mainly to act as a deterrent to anyone using these certs in any sort of
production system. Yes, that would be a monumentally bad idea but I
wouldn't be surprised if it happened.

It is also nice to see things expiring. It reassures me that stuff is
working as it should :)

> Having to re-generate the certs is just a nuisance and causes
> revision-churn.

Updating the certs is trivial. Just copy and paste a handful of commands
in the text file in the PMC repo. Given the ever-changing requirements
of server certs, I don't think the revision churn would be that
different with longer expiry times.

> I think it would be better to either mint the certs as needed (e.g. in
> the tests themselves) or just use a cert that lasts a long time (e.g. 30
> years). Minting on-demand might kill the entropy on the server, so
> that's not a great idea.

Yeah, creation on demand would be nice but it currently requires OpenSSL
which isn't guaranteed to be available. The entropy issue is a larger
concern.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org