eotk icon indicating copy to clipboard operation
eotk copied to clipboard

Published 20 hours ago verified publisher icon alecmuffett

Generate a new certificate when a host is added to a project

Open qbi opened this issue 7 years ago • 3 comments
trafficstars

Recently I wanted to add a domain to a already existing project. I did:

  1. eotk genkey
  2. Entered the output from above to oldproject.conf. A line like hardmap secrets.d/OUTPUT domainname.
  3. Issued eotk config oldproject.conf
  4. eotk restart oldproject

I was able to use the onion servie, but got a warning about the certifificate. The certificate just used the old onion service name, but not the newly created ones.

I'd have expected that running config also creates a new certificate. Could this be changed or is it intentional?

qbi avatar Feb 25 '18 18:02 qbi

Ooh, that's a good idea. I will have to think about how to do it in the least annoying way.

I think you are right that config should make new certificates, but only upon significant change.

alecmuffett avatar Feb 25 '18 18:02 alecmuffett

the current mechanism exists to minimise the amount of time spent playing certificate whackamole

alecmuffett avatar Feb 25 '18 18:02 alecmuffett

needs revisiting

alecmuffett avatar Jul 04 '19 22:07 alecmuffett