All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit 95d1601f authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add README as Kirk requested. Also neuter the clean target (renamed

as cleanX) since removing the directory is a really bad thing to do.
parent 9a8bb61f
......@@ -150,5 +150,8 @@ tipserv-install: $(INSTALL_SBINDIR)/capture.pem
chmod 640 $(INSTALL_SBINDIR)/capture.pem
clean:
@echo "BE VERY CAREFUL! CLEANING THE SSL DIR CAN CAUSE DISASTER!"
cleanX:
rm -f *.pem serial index.txt *.old dirsmade *.cnf
rm -rf newcerts certs
http://www.aboveground.cx/~rjmooney/projects/misc/clientcertauth.html
http://www.stunnel.org/faq/certs.html#ToC1
http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html
http://www.rtfm.com/openssl-examples/
http://www.columbia.edu/~ariel/ssleay/x509_index.html
http://www.pseudonym.org/ssl/ssl_nsclient_certs.html
These certs are used by tmcd/tmcc. Creating the certs is simple:
gmake
gmake boss-installX
Then on a client node (where you are going to create an image from).
gmake client-install
**************************************************************************
* CAUTION: Once you have created the certs and installed the pem files
* in the client images, you do not want to rerun and reinstall, since
* that would invalidate those certs already stashed in images. In fact,
* it is a good idea never to clean this directory or remove it!
**************************************************************************
-----
Here are some links I found useful when working on this.
http://www.aboveground.cx/~rjmooney/projects/misc/clientcertauth.html
http://www.stunnel.org/faq/certs.html#ToC1
http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html
http://www.rtfm.com/openssl-examples/
http://www.columbia.edu/~ariel/ssleay/x509_index.html
http://www.pseudonym.org/ssl/ssl_nsclient_certs.html
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment