| Re: [chrony-users] NTS CA certificate |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
- To: chrony-users@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-users] NTS CA certificate
- From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
- Date: Mon, 1 Mar 2021 14:44:42 +0100
- Authentication-results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mlichvar@xxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1614606286; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6HIQ0nW/eew+jPV7dUi6/sluWBESGte90K0zDeS7sig=; b=e7/hu8PFGjVFcePgZfKdmnrEjYDHP2msKAfsHVEkOI55YRl+o8a9pKTHJ4TFEY7TlzS9qS ilvHgChe0kuPUp1dRKM/gZuCorabc151CAzb7T2HLQFDEpImTjWJKn4Chv0ul+U5CSSq0g AnuzTzqb097b4gxqH5jIMpgJLhkbSFE=
On Mon, Mar 01, 2021 at 01:22:41PM +0000, Alkistis Tsoulakou wrote:
> Hello,
> I would like to ask you regarding the ntstrustedcerts file parameter present in chrony.
> From my understanding this parameter is applicable to chrony client and is an optional one. Correct?
Yes.
> If not configured then only default trusted CA's are used.If configured then we should specify the exact filename containing the certificates.
> Correct?
Yes.
> If we do want to use special trusted CA's which configuration is needed in chrony client?
Only ntstrustedcerts and possibly nosystemcert if you don't want to
trust the system's default certificates.
--
Miroslav Lichvar
--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.