Test Day: Shared System Certificates

[Stef Walter]

Come join the Shared System Certificates test day tomorrow:

https://fedoraproject.org/wiki/Test_Day:2013-03-28_Shared_System_Certificates

It's pretty straight forward.

We're also happy to help with testing of the new system certificates
with things that aren't listed in the test day test cases.

Cheers,

Stef

On 03/21/2013 01:40 PM, Stef Walter wrote:
> Hi all,
> 
> You can now try out the Shared System Certificates feature in Fedora 19.
> 
> The goal of this feature is to have nearly all crypto libraries use the
> same default source for their trusted certificate authority anchors and
> blacklist. Adding a new trusted certificate authority can now be done in
> one place.
> 
> https://fedoraproject.org/wiki/Features/SharedSystemCertificates
> 
> Come and join us on the test day next week:
> 
> https://fedoraproject.org/wiki/Test_Day:2013-03-28_Shared_System_Certificates
> 
> The above links also contain documentation about the feature and how to
> try it out (use the test cases).
> 
> This feature affects mainly TLS/SSL clients, and not servers. But it is
> our expectation that both will continue to work as they had on Fedora 18
> without modification.
> 
> Many servers have their own configured CA list (such as apache with
> mod_ssl). This behavior has not changed.
> 
> What are the servers (or system services acting as SSL clients) that
> rely on the system wide CA bundle? We'd like to check that they still
> work, so if you have any to add to our list, please reply here (ideally
> with a few details on how to test the service).
> 
> This is just one step on a road to sharing certificates and keys between
> applications. It's been a long time in coming, and although this is just
> the first step, we believe that it is useful.
> 
> Cheers,
> 
> Stef
>