Talk:OpenSSL

From ArchWiki
Jump to navigation Jump to search

Plan

  1. Remove the ca section and Certificate authority because running a CA is a highly advanced topic for which one should consult the official documentation.
  2. Move GOST engine support to a new Tips and tricks section.
  3. Create a Certificate section below Generating keys.
    1. Remove the SSL introduction because Wikipedia does a better job at explaining and the definitions are at least partially wrong.
    2. Merge the req section with Creating certificate signing requests and explain how to provide a temporary config file with -config.
    3. [DONE] Mention Let's Encrypt and link List of applications/Internet#ACME clients.
  4. [DONE] Create a TLS certificate redirect to OpenSSL#Certificate Template:TLS note Server-side TLS article.
  5. Make web server and mail server articles link TLS certificate transclude Template:TLS note instead of duplicating it OpenSSL#Certificates and Server-side TLS.

What do you guys think?

--Larivact (talk) 17:57, 28 June 2018 (UTC)

Since nobody responded in a week, I went ahead and made some changes. In particular I removed the sections containing only config snippets and created Template:TLS note. --Larivact (talk) 07:32, 6 July 2018 (UTC)
I now also created Server-side TLS, I am not so sure about Template:TLS note anymore. --Larivact (talk) 14:11, 6 July 2018 (UTC)
I reverted the pages where I added Template:TLS note and improved the Warnings manually. --Larivact (talk) 16:56, 6 July 2018 (UTC)
The changes since this summer have been very substantial, not saying the previous information was necessarily relevant but to make sure this has been discussed and this is not purely the view of one person would give me more comfort, could you confirm? --- Kewl (talk) 14:47, 10 November 2018 (UTC)
This has not been discussed because nobody has replied. I announced the two major removals three months prior, the only thing I did not announce was the creation of Transport Layer Security, GnuTLS and mbed TLS. --Larivact (talk) 16:43, 13 November 2018 (UTC)
Hi, I know I am late to this. I have been trying to figure what in 3.1 replaced the [1] acronym explanations. The remove mentions wikipedia as replacement, but leaves no links (instead removes some too). Which link(s) were referred to? Transport Layer Security#Obtaining a certificate? --Indigo (talk) 11:21, 1 December 2018 (UTC)
It would be great to add more instructions for local trusted certificate generation (incl. SAN).
Also is this update still valid when updating the trust store? Francoism (talk) 15:09, 14 December 2018 (UTC)