Convert to prompt=no, with per cert config files. This avoids all
interaction with the user. The main point to note is that for the clients, there is a localnode.cnf and a ronnode.cnf. The difference is that I encode the type (pcron) in one of the extra fields so that tmcd can do a check on it. This is in lieu of per client certs, which would be a big pain in the butt right now. As we add other remote groups, we will create new config files. I bet this will change over time, as we learn more. Chad, it would be nice the tiptunnel cert could be generated from this setup.
ssl/NOTES
0 → 100644
ssl/ca.cnf.in
0 → 100644
ssl/emulab.cnf.in
0 → 100644
ssl/localnode.cnf.in
0 → 100644
ssl/mkclient.sh
0 → 100755
ssl/openssl.cnf
deleted
100644 → 0
ssl/ronnode.cnf.in
0 → 100644
ssl/server.cnf.in
0 → 100644
Please register or sign in to comment