~sircmpwn/gmni#54: 
Possibility to use existing certificates

Hello,

I wonder why there is no way of using m'y own certificates. As far as I understand gmnisrv imposes to create its own certificates by himself.

I'm not confortable with it.

Status
RESOLVED WONT_FIX
Submitter
~raspbeguy
Assigned to
No-one
Submitted
9 months ago
Updated
9 months ago
Labels
No labels applied.

~sircmpwn REPORTED WONT_FIX 9 months ago

This is by design. gmnisrv manages certificates entirely for you for use with TOFU. The sysadmin should never concern itself with certificates. Ask yourself if you feel similarly about your SSH host keys.

~raspbeguy 9 months ago

My SSH host keys concerns only myself, my website certificate concerns everybody. I do not understand this choice.

~sircmpwn 9 months ago

Gemini does not use the global CA system, even though it uses TLS for encryption. It is a TOFU system. This is still WONT_FIX.

Register here or Log in to comment, or comment via email.