Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 6 Jan 2017 12:01:57 -0500
From:      "James B. Byrne" <byrnejb@harte-lyne.ca>
To:        freebsd-questions@freebsd.org
Subject:   FreeBSD-11 Jails and PKI
Message-ID:  <d70f72266d2fb772296601c829e1d408.squirrel@webmail.harte-lyne.ca>

next in thread | raw e-mail | index | archive | help
If I want to make a binary application available to all jails do I put
it in /usr/jails/basejail/bin or somewhere else?  Or is this
impossible?

If possible then do such applications need to be statically linked?

Similarly, given that I wish to maintain a common repository of pki
keys and certificates that are shared between jails, do I place these
in or under /usr/jails/basejail/usr/share/openssl/? or somewhere else?
Or not at all and place them separately in each and every jail that
requires TLS?

The main issue I am dealing with is that we run a private PKI CA and
need to add our root certificates to the ca-bundle after each update
to  /usr/local/share/certs/ca-root-nss.crt.

-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d70f72266d2fb772296601c829e1d408.squirrel>