GothenburgBitFactory / taskserver

Taskserver - Taskwarrior Synchronisation Server

letsencrypt dilemma #164

Closed lesar closed 4 years ago

lesar commented 4 years ago

I have successfully set up a server using a letsencrypt certificate.
It works well.
I installed server and client on Ubuntu 19.10 using apt.

There is one problem: to make it work I have to change some permissions on the letsencrypt files to make them readable by the taskd user.

For private.key this is a problem. It has to be readable only by root and not by the taskd user
(server.key /etc/letsencrypt/live/domain.com/privkey.pem). Do you have any suggestions to solve this problem?

Is it better to install a new certificate from letsencrypt and avoid using the site certificate?
Is it better to use a self-signed certificate?

Let me know.

P.S. I have reverted all changes to a self-signed certificate: using privatekey.pem as a non-root user is too dangerous, but it may not be true. The question still stands.

Best regards, Leonardo

jrabbit commented 4 years ago

There may be a method to do this but you have to do the whole mTLS dance still.

lesar commented 4 years ago

Ok, it is not necessary: self-signed certificates are the same as public CA certificates; the only difference is their trust in a public environment. But using the certificate inside our company makes it very trusted to us. :-)
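
One way to address the permission problem raised in the first post, as an added example that is not part of this thread or of the taskserver project: a certbot deploy hook that copies the renewed certificate and key into a directory owned by the taskd user, so `/etc/letsencrypt` stays readable by root only. The destination directory, the names of the copies, the `taskd` account and the `taskd` service unit are assumptions; `RENEWED_LINEAGE` is the variable certbot sets for deploy hooks.

```shell
#!/bin/sh
# Added example (not from the thread): certbot deploy hook for taskd.
# Assumed names: /var/lib/taskd/tls, server.cert.pem, server.key.pem,
# the "taskd" account and the "taskd" systemd unit.

# deploy_taskd_cert LINEAGE_DIR DEST_DIR [OWNER]
# Copies the certificate chain and key out of a letsencrypt lineage directory.
deploy_taskd_cert() {
    src=$1; dest=$2; owner=${3:-}
    for f in fullchain.pem privkey.pem; do
        [ -r "$src/$f" ] || { echo "missing $src/$f" >&2; return 1; }
    done
    (
        umask 077   # new files and the directory start out owner-only
        mkdir -p "$dest" || exit 1
        rm -f "$dest/.cert.new" "$dest/.key.new"
        # Copy to temporary names, then rename, so taskd never reads a partial key.
        cp "$src/fullchain.pem" "$dest/.cert.new" || exit 1
        cp "$src/privkey.pem" "$dest/.key.new" || exit 1
        chmod 0644 "$dest/.cert.new" || exit 1
        chmod 0600 "$dest/.key.new" || exit 1
        if [ -n "$owner" ]; then
            chown "$owner" "$dest" "$dest/.cert.new" "$dest/.key.new" || exit 1
        fi
        mv -f "$dest/.cert.new" "$dest/server.cert.pem" &&
            mv -f "$dest/.key.new" "$dest/server.key.pem"
    )
}

# key_is_private FILE: succeeds only if group and others have no access bits.
key_is_private() {
    [ "$(ls -ldL "$1" | cut -c5-10)" = "------" ]
}

# certbot sets RENEWED_LINEAGE when it runs a deploy hook; otherwise do nothing.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    tls_dir=${TASKD_TLS_DIR:-/var/lib/taskd/tls}
    deploy_taskd_cert "$RENEWED_LINEAGE" "$tls_dir" taskd &&
        key_is_private "$tls_dir/server.key.pem" &&
        systemctl restart taskd
fi
```

With this in place, taskd's `server.key` setting points at the copy instead of `/etc/letsencrypt/live/domain.com/privkey.pem`, and no permissions under `/etc/letsencrypt` need to change.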