Possibly a silly question: is there a way to store an identity certificate on a hardware security module like a Yubikey or something like that?
Feb 16 · 3 months ago
7 Comments ↓
🌆 skyjake [mod...] · Feb 17 at 04:29:
That is currently not supported. In theory, there are more or less platform-independent ways to do it, but it wouldn't be exactly trivial to implement.
🚀 lars_the_bear · Feb 17 at 08:23:
In that case, I wonder how people are managing the sharing of client certificates between different computers? Is it just a case of exporting and importing? Or is there some clever approach that I'm missing?
❤️ fairlygood · Feb 17 at 11:07:
Exporting and importing is what I do. There is a client that has sync, but I can’t recall which it is.
🌆 skyjake [mod...] · Feb 17 at 11:10:
Lagrange doesn't have automatic syncing of certificates or any other user data. You need to manually copy the files over, do export/import, or rely on some 3rd party file syncing service. I believe some people have used SyncThing, but I haven't tried it myself.
🚀 lars_the_bear · Feb 17 at 15:35:
@skyjake Fair enough; it's is not a big deal for things that don't change all that often.
☕️ protoc0l [OP] · Feb 18 at 02:44:
@skyjake that works! I appreciate the info :)
When generating certs, AFAICT lagrange does not set the cert version and defaults to v1. Setting it to v3 would be necessary for interoperability.