Date: Fri, 6 Jan 2017 12:01:57 -0500 From: "James B. Byrne" <byrnejb@harte-lyne.ca> To: freebsd-questions@freebsd.org Subject: FreeBSD-11 Jails and PKI Message-ID: <d70f72266d2fb772296601c829e1d408.squirrel@webmail.harte-lyne.ca>
next in thread | raw e-mail | index | archive | help
If I want to make a binary application available to all jails do I put
it in /usr/jails/basejail/bin or somewhere else? Or is this
impossible?
If possible then do such applications need to be statically linked?
Similarly, given that I wish to maintain a common repository of pki
keys and certificates that are shared between jails, do I place these
in or under /usr/jails/basejail/usr/share/openssl/? or somewhere else?
Or not at all and place them separately in each and every jail that
requires TLS?
The main issue I am dealing with is that we run a private PKI CA and
need to add our root certificates to the ca-bundle after each update
to /usr/local/share/certs/ca-root-nss.crt.
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d70f72266d2fb772296601c829e1d408.squirrel>