[prev in list] [next in list] [prev in thread] [next in thread]
List: spacewalk-list
Subject: Re: [Spacewalk-list] =?utf-8?q?=C2=A0_Regenerating_ssl_certificate_wi?=
From: Robert Paschedag <robert.paschedag () web ! de>
Date: 2015-10-15 6:15:28
Message-ID: 145930437.2.1444889728885.JavaMail.robert.paschedag () web ! de
[Download RAW message or body]
[Attachment #2 (text/html)]
<p><p>Hi,<br><br></p><p>this should work, as long as the root CA that signed the cert \
didn't change! This is what is stored within \
RHN-ORG-TRUSTED-SSL-CERT.<br><br></p><p>Regards<br></p><p>Robert<br><br><br><br><br></p><p>sent \
from my mobile device<br><br></p><p></p></p><div class='dm__nested'><div \
class='dm__nested_header'>--------- Original Message ---------<br> <b>From</b>: Ian \
Bishop <IBISHOP@BCLC.com><br> <b>To</b>: "spacewalk-list@redhat.com" \
<spacewalk-list@redhat.com><br> <b>Date</b>: Thu Oct 15 07:16:06 MESZ 2015<br>
<b>Subject</b>: [Spacewalk-list] Regenerating ssl certificate with Spacewalk 2.4 SHA1 \
to SHA2<br> </div>
Hi all, I hope someone can confirm a question for me. Note I'm seeding my question \
with as many useful keywords to aid in finding the answer for everyone else who is \
going to need this.<br><br>The question is after upgrading from Spacewalk 2.3 to 2.4, \
can I generate a new SHA256 ssl cert/RPM with the spacewalk-certs-tool (rhn-ssl-tool \
--gen-server) for each of the web servers and proxies without having to change the \
certs on the clients? From my digging it looks like I should be able to do that \
without creating a new RHN-ORG-TRUSTED-SSL-CERT. So the answer seems to be yes. Can \
anyone confirm?<br><br>I would test it myself, but I need the answer ASAP to respond \
to an audit and won't have access to an environment for a while.<br><br>Currently I \
am running Spacewalk 2.3 with many remote clients, one master Spacewalk and two \
proxies.<br><br>Also, this would be very useful info for the 2.3 to 2.4 upgrade \
document.<br><br>Thanks very much in advance, \
Ian<br>________________________________<br>This email is intended only for the \
addressee. It may contain confidential or proprietary information that cannot be \
disclosed without BCLC's permission. If you have received this email in error, please \
notify the sender immediately and delete the \
email.<br><br>_______________________________________________<br>Spacewalk-list \
mailing list<br>Spacewalk-list@redhat.com<br>https://www.redhat.com/mailman/listinfo/spacewalk-list<br></div>
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic