NTP - big picture
Gary E. Miller
gem at rellim.com
Fri Feb 1 03:03:53 UTC 2019
Yo Richard!
On Thu, 31 Jan 2019 19:48:37 -0600
Richard Laager via devel <devel at ntpsec.org> wrote:
> On 1/31/19 7:28 PM, Hal Murray via devel wrote:
> > I'm looking for a way to test without a domain.
> The problem with using a self-signed certificate is that it won't
> validate.
Maybe, ways around it, and not required.
> So you either need a configuration option to tell ntpd to
> ignore the NTS-KE server's certificate failure, or you actually need
> to setup your own private CA.
Both easy.
But Let's Encrypt (LE) is even easier, why bother?
> Such a confirmation option may be desirable for testing. But it's also
> an attractive nuisance.
Yes, LE is best if you have a FQDN.
> In a world where certificates are available
> for free from Let's Encrypt, I'm not sure it's necessary. I know that
> you are personally looking to do this without a domain, but how
> common are people who are _both_ looking to run an NTP server _with
> NTS_ and do not have a domain?
And not have a stable FQDN.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190131/fd3e85be/attachment-0001.bin>
More information about the devel
mailing list