答复: [chrony-users] about how to ues the NTS

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


How should the NTS server certificate and key be generated? The method in the test case or other methods show that the certificate is untrusted. Why is this cause and what command should be used?

-----邮件原件-----
发件人: chengyechun 
发送时间: 2022年9月20日 9:28
收件人: chrony-users@xxxxxxxxxxxxxxxxxxxx
主题: 答复: [chrony-users] about how to ues the NTS

Thanks for your prompt reply, it seems that the feodra community does not enable NTS. What is the reason for this? Because there are few public servers that support NTS?

-----邮件原件-----
发件人: Miroslav Lichvar [mailto:mlichvar@xxxxxxxxxx] 
发送时间: 2022年9月19日 14:18
收件人: chrony-users@xxxxxxxxxxxxxxxxxxxx
主题: Re: [chrony-users] about how to ues the NTS

On Mon, Sep 19, 2022 at 01:57:46AM +0000, chengyechun wrote:
> Hello all:
>     Sorry to bother you again. Can the NTS key and certificate be generated only by the certtool? In the official guide and test cases, the certtool is used. Can the openssl command be used to generate the NTS key and certificate?

Yes, you can use any tool you like. chrony uses gnutls for TLS, which also provides certtool, so it makes sense to use that to avoid extra dependencies.

--
Miroslav Lichvar


-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.




Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/