[Dovecot] [patch] gssapi support
Colin Walters
walters at verbum.org
Tue Jul 13 20:44:49 EEST 2004
On Tue, 2004-07-13 at 19:04 +0300, Timo Sirainen wrote:
> On 13.7.2004, at 18:17, Colin Walters wrote:
>
> > The major problem I ran into was
> > getting my dad and some of my friend's Windows machines to trust my CA.
> > It involved a lot of complexity with this "mmc" program. Not to
> > mention
> > my dad has multiple machines, one of them at his office that I didn't
> > have access to. The rest of my friends use Linux as I do, but even
> > there configuring different applications to trust a certificate isn't
> > easy.
>
> Adding new CAs is actually pretty easy in Windows. You right click it,
> "install certificate", place it into "Trusted root certificates" and
> click ok/next a few times.
I'll take your word for it. I had just searched the Microsoft site
about the issue and found an article that told me to use mmc.
> I have no idea how to do it in Linux though. Does OpenSSL have some
> hardcoded root certificates directory, or does each program handle it
> in it's own way?
Both :)
On my Fedora system all the root certificates are in
/usr/share/ssl/certs/ca-bundle.crt.
But there is no standard way for an unprivileged user to write to that
file.
> Before Evolution used to ask me constantly about my
> certificate, and lazy as I were I just clicked "ok". Nowadays it seems
> to be silent, maybe one day it started remembering it.
I think Evolution remembers the result now, and keeps it around in its
own certificate cache.
If it's really as easy to install root certificates on Windows as you
say, then I might give it another try.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20040713/408e868b/attachment.pgp
More information about the dovecot
mailing list