Bug 5541 - grid-cert-request scripts should not require CA email
: grid-cert-request scripts should not require CA email
Status: NEW
: Simple CA
Simple CA
: 4.0.5
: All Linux
: P3 enhancement
: ---
Assigned To:
  Show dependency treegraph
Reported: 2007-09-10 11:18 by
Modified: 2008-08-11 15:51 (History)



You need to log in before you can comment on or make changes to this bug.

Description From 2007-09-10 11:18:29
As suggested on the mailing list,
http://www.globus.org/mail_archive/gt-user/2007/09/msg00063.html, there is no
reason for the SimpleCA scripts to require a CA email address. With other
mechanisms to transport the public key for CA signing, the script should merely
generate the request and suggest the user follow CA's instructions for
obtaining certificate.
------- Comment #1 From 2007-09-10 16:03:48 -------
I cannot see any vital reason to ask for the CA to make user or host keys ?

I want grid-cert-request to make the private key and the
request, nothing else. I can understand it may help users to
get a message about sending the right file to the right mail
address, but we should have an option to avoid that.

I can imagine a user making his own keys without having the CA on his computer.
For the fun:

% grid-cert-request -help
Can't find valid CA config files. Please make sure
that you have installed and setup a CA setup package.
------- Comment #2 From 2007-09-10 16:19:18 -------
Changed configuration based on user's request