6.3.1 Certificate Expiration
The common server certificate SMT uses is valid for one year. After that time, a new
certificate is needed. Either generate a new certificate using YaST CA Management
module or import a new certificate using the YaST Common Server Certificate module.
Both options are described in the following sections.
As long as the same CA certificate is used, there is no need to update certificates at the
client machines. The generated CA certificate is valid for 10 years.
6.3.2 Creating a New Common Server
Certificate
To create a new common server certificate with YaST, proceed as follows:
1 Start YaST and select Security and Users > CA Management. Alternatively,
start the YaST CA Management module from a command line by entering
yast2 ca_mgm as root.
2 Select the required CA and click Enter CA.
3 Enter the password if entering a CA for the first time. YaST displays the CA
key information in the Description tab.
4 Click the Certificates tab (see
and select Add > Add Server Certificate.
Figure 6.1, "Certificates of a CA"
SMT Tools and Configuration Files
(page 46))
45