> On 25 May 2022, at 14:06, SCOTT FIELDS <scott.fie...@kyndryl.com> wrote: > > I apologize for the very general inquiry. > > Are there any plans to have system natively support its own trust store for > items like CAs, x509 certs, passwords & truststores akin to the keychain in > Windows and OS X?
But these are solved problems on modern Linux systems aren't they? At least with RHEL and Fedora they have trust store and keychains. > > I still find the management of PKIs in /etc/pki to be problematic. For my home network I have my own DNS domain and CA setup. It was easy to add the CA to Fedora's trust store. > > Having this available as a core service within systemd using like APIs either > in (mostly deprecated) CAPI or the new CNG Barry > > > Scott Fields > IBM/Kyndryl > SRE – BNSF > 817-593-5038 (BNSF) > scott.fie...@kyndryl.com <mailto:scott.fie...@kyndryl.com> > scott.fie...@bnsf.com <mailto:scott.fie...@bnsf.com>
