Commit 95d1601f authored by Leigh Stoller's avatar Leigh Stoller

Add README as Kirk requested. Also neuter the clean target (renamed

as cleanX) since removing the directory is a really bad thing to do.
parent 9a8bb61f
......@@ -150,5 +150,8 @@ tipserv-install: $(INSTALL_SBINDIR)/capture.pem
chmod 640 $(INSTALL_SBINDIR)/capture.pem
clean:
@echo "BE VERY CAREFUL! CLEANING THE SSL DIR CAN CAUSE DISASTER!"
cleanX:
rm -f *.pem serial index.txt *.old dirsmade *.cnf
rm -rf newcerts certs
http://www.aboveground.cx/~rjmooney/projects/misc/clientcertauth.html
http://www.stunnel.org/faq/certs.html#ToC1
http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html
http://www.rtfm.com/openssl-examples/
http://www.columbia.edu/~ariel/ssleay/x509_index.html
http://www.pseudonym.org/ssl/ssl_nsclient_certs.html
These certs are used by tmcd/tmcc. Creating the certs is simple:
gmake
gmake boss-installX
Then on a client node (where you are going to create an image from).
gmake client-install
**************************************************************************
* CAUTION: Once you have created the certs and installed the pem files
* in the client images, you do not want to rerun and reinstall, since
* that would invalidate those certs already stashed in images. In fact,
* it is a good idea never to clean this directory or remove it!
**************************************************************************
-----
Here are some links I found useful when working on this.
http://www.aboveground.cx/~rjmooney/projects/misc/clientcertauth.html
http://www.stunnel.org/faq/certs.html#ToC1
http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html
http://www.rtfm.com/openssl-examples/
http://www.columbia.edu/~ariel/ssleay/x509_index.html
http://www.pseudonym.org/ssl/ssl_nsclient_certs.html
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment