On 12/13/13 10:40 AM, Yiteng Zhang wrote:
On 12/13/13 10:25 AM, Danek Duvall wrote:
Yiteng Zhang wrote:Hi,
Hi,Why the changes to generate_certs?
For this one, I regenerated the certificates and keys with updated
duration for test suite. Please see the following link and let me
To change generate_certs.py is to keep the generated keys stored in the
old format, which is created by OpenSSl 0.9.8 and not encrypted. The
problem is when I use the original generate_certs.py file, it would use
OpenSSl 1.0.0 and generate the keys in an encrypted format. And since
Apache has no support for encrypted private keys currently, refer to
Apache can not read the encrypted keys and would fail. Thanks to Erik
pointing out this issue.
One more thing I realized reading this the second time.
We are using OpenSSL 1.0.0 either way, the only thing changed is the *default* key format. We just have to make sure that we don't use the default key format for 1.0.0 but use the format which was default for 0.9.8.
[pkg-discuss] Re: Code review request for 17913496 certificates for test suite are expiring