[lxc-users] lxc exec / list: x509: certificate has expired or is not yet valid
Andrey Repin
anrdaemon at yandex.ru
Thu Jun 2 15:27:32 UTC 2016
Greetings, Tomasz Chmielewski!
>>> So... what is the correct procedure to update the certificate on LXD
>>> server and make sure it's still accepted by LXD clients?
>>
>> I would go a long route and set up my own CA.
>> Though, I actually did that already...
>>
>> Alternative is to make yourself a certificate though third-party CA,
>> like
>> Let's Encrypt.
> Well, it seems that LXD is fine with self-signed certificates as well.
> Which is OK with me.
LXD itself, may be.
But your clients?
You'd need to tell them somehow, that your self-signed certificate has
changed.
I've found that properly issued certificates are way easier to manage.
> The whole process could be designed a bit better :)
Well, LXD is relatively new, and your report will surely count towards its
improvement!
--
With best regards,
Andrey Repin
Thursday, June 2, 2016 18:26:04
Sorry for my terrible english...
More information about the lxc-users
mailing list