Limit the data in the self-signed certificate.

GridProtectionAlliance / SIEGate

Secure Information Exchange Gateway

MIT License

6 stars 4 forks source link

Limit the data in the self-signed certificate. #6

Closed StevenChisholm closed 4 months ago

StevenChisholm commented 7 years ago

When creating the certificate for SIEGate, it should not contain so much identifying information about the machine. In control center environments, much of the data in this certificate is considered confidential and these certificate exchanges are done in the clear. Since certificates are trusted based on their key, there shouldn't be a requirement to include any identifying information.

ritchiecarroll commented 7 years ago

The code tool that will generate a self-signed certificate with limited and/or user assigned information has been added to GSF. This can now be made available as a cert creation tool in other projects like SIEGate. We will add it to the roll down process and get the tool added to the installer.

ritchiecarroll commented 4 months ago

Updated cert to be generated via PowerShell