Self-signed certificates

Gary E. Miller gem at
Wed May 6 22:55:57 UTC 2020

Yo Rich!

On Wed, 6 May 2020 18:44:08 -0400
Rich Schmidt via devel <devel at> wrote:

> I would like to test NTPsec on an internal network without Internet
> access.

Now that is real paranoia!  But I guess you earned it the hard way.

> 2020-05-06T22:38:42 ntpd[9901]: NTSc: Using dir /var/lib/ntp/certs/
> for root certificates.

Did you read that?  Do so again.

> Is it not possible to use self-signed certificates?

Yes.  That "self" creates your own root cert.

>  Or am I missing
> some steps;

AFAIK, you forgot to put your new root in /var/lib/ntp/certs

Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the devel mailing list