[Officeshots] Easier authentication file - feature request
Sander Marechal
s.marechal at jejik.com
Thu Oct 15 14:47:10 CEST 2009
Michiel Leenaars wrote:
> I was wondering what you all thought about the following feature request annex
> process improvement:
Don't forget to file it on http://code.officeshots.org as well!
> The feature I would like to see is to directly generate a passwordless PEM
> file for the user on the Officeshots.org website.
Why passwordless? The standard factory can handle password protected PEM
files, thanks to M2Crypto.
> Once the users' email
> address is validated by us (which is all the certificate authorities do as
> well), the user can log in and download the PEM file and get straight to work.
> Since the only dedicated use for this certificate is the Officeshots service,
> this I feel is the safest way to operate - and it saves the factory operator a
> lot of work.
I'm not sure if it will save work. In order to generate these
certificates we'd have to make our own CA root certificate for the
server to sign those downloadable certificates with. I think that
factory owners must install that CA root certificate on their own
machine or M2Crypto will start complaining.
So, instead of converting a browser certificate to PEM, the factory
owners need to install our custom root certificate.
I'm not 100% sure though. I'd have to try it out. But I think M2Crypto
will complain without a root certificate it can check.
--
Sander
More information about the Officeshots
mailing list