On 17/02/2021 21:58, Christopher Schultz wrote:
>> Yeah, creation on demand would be nice but it currently requires OpenSSL
>> which isn't guaranteed to be available.
>
> Why not keytool or a "simple" Java driver to do the same?
>
>> The entropy issue is a larger concern.
>
> Yup. Unless we c
Mark,
On 2/17/21 12:25, Mark Thomas wrote:
On 17/02/2021 17:16, Christopher Schultz wrote:
Mark,
Why not simply mint a self-signed cert that lasts a long time? They are
self-signed so global trust isn't important. If global-trust isn't
important then it's okay if someone "steals" them any time
On 17/02/2021 17:16, Christopher Schultz wrote:
> Mark,
>
> Why not simply mint a self-signed cert that lasts a long time? They are
> self-signed so global trust isn't important. If global-trust isn't
> important then it's okay if someone "steals" them any time they like.
Mainly to act as a deter
Mark,
Why not simply mint a self-signed cert that lasts a long time? They are
self-signed so global trust isn't important. If global-trust isn't
important then it's okay if someone "steals" them any time they like.
Having to re-generate the certs is just a nuissance and causes
revision-churn
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new e322a6b Renew all the server test certs
e322a6b
