22 Jan
2007
22 Jan
'07
3:03 p.m.
I think a large part of my problem is the creation of a Certificate authority. This will get a little Hypothetical so let me lay a few facts out on the table. Mandriva 2007 discontinues CA.sh in favor of CA.pl Certificates as far as I know, at least the demo certs are in /etc/pki/tls - not /usr/lib/ssl Its very possible, that said Certificate authority for Radius could hypothetically be used layer for IPSec. This being the case, what would the best strategy be for implementing a PKI CA. Should I make one Cert for every host? One server host and one client Cert for all hosts? Different CAs for different Services? How will Mandriva's architecture change affect this?