Yedidyah Bar David has posted comments on this change. Change subject: packaging: pki: Use own openssl.conf ......................................................................
Patch Set 1: > for trivial utility use that does not produce any new pki artifact there is > no reason why not to use the system defaults. Well, unless they do not exist or work. I wouldn't push this change without a report, but do not think it adds much "price". > for these actions that we acting as CA either generate certificate request or > enroll certificate we need to make sure we get what we want. > but if you want this to be enforced you probably need to remove the -config > from openssl usage to be consistent. I agree. > I almost sure that openssl can run with empty configuration, as default are > compiled within binary. No, it does not. As I commented earlier, without this change, and without a conf file, it fails. > Personally, I do not think we should enforce anything on the trivial usage. That's also fine with me. Abandon and forget? I do not think it's very important, but also do not see a good reason to not change. -- To view, visit http://gerrit.ovirt.org/25055 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I74f7000c590144ab821c797897d9036df956973e Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yedidyah Bar David <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Yedidyah Bar David <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
