keyctl
commented
4 years ago You can generate the DH parameters with
openssl dhparam -out /etc/ssl/private/dh_param.pem 4096Closed Miro-H closed 4 years ago
keyctl
commented
4 years ago You can generate the DH parameters with
openssl dhparam -out /etc/ssl/private/dh_param.pem 4096This partly fixes #9.
keyctl
commented
4 years ago This should now work fine. I ran a completely new build and it works without errors.
@Miro-H @Liblor Can we merge this branch so it doesn't diverge too much?
Miro-H
commented
4 years ago @keyctl my changes are not yet reviewed, but I think they should work. @Liblor, maybe you can take a quick look at the openssl.cnf (Root CA and intermediate CA key and CRL generation)? The rest is not so critical.
After that we can merge. @keyctl, I took a quick look at your refactoring and didn't see any problems.
Liblor
commented
4 years ago Is anyone of you a gitmaster? Since some stuff got move around it is already quite a pain :(
keyctl
commented
4 years ago Is anyone of you a gitmaster? Since some stuff got move around it is already quite a pain :(
I can try if we are good to merge.
Liblor
commented
4 years ago Is anyone of you a gitmaster? Since some stuff got move around it is already quite a pain :(
I can try if we are good to merge.
There are some pitfalls, since for example DataModel.User.Id got changed to DataModel.User.Uid in this branch (certserver), but the file got moved in the master branch, git doesn't recognize this automatically. So it wants to delete CertServer/Models/User.cs and keep the "old version" at the new location. There might be other cases like this...
Miro-H
commented
4 years ago @keyctl I think this can be merged now. In case there are some merge conflicts which raise functional questions, let me know when I can help.
Main changes:
/etc/ssl/trustedaccessible to grouptls-trustedRegeneration of infrastructure tested and seems to work.