[cups.general] cups-1.2.0 built from source (from www.cups.org)doesn't generate server.{key,crt}, etc

wtautz wtautz at cs.uwaterloo.ca
Fri May 19 13:29:14 PDT 2006 

Michael Sweet wrote:

> wtautz wrote:
>
>> Is the search tool at http://www.cups.org/str.php
>> broken? I can seem to find anything when I type search terms
>> into it. In particular nothing about the stuff below. Perhaps
>> I'm doing this wrong :-(
>
>
> The search function only looks in the summary, subsystem, version,
> and user fields - it doesn't search the text records for each STR.
> (Not sure what to do about that - joining the tables is too slow
> to be usable, but I'll investigate our options...)
>
>> ...
>> It seems that server.key and server.crt don't get generated. I had to
>> use
>> the openssl command to do this myself.
>
>
> Didn't you post that the files *did* get generated not too long
> ago?  Wasn't the issue the missing /etc/cups/ssl directory?

That was different as I was NOT building from original source. Yes,
eventually did the same thing and simply created a ssl directory.
The difference now is that I generated my own keys since I didn't
want to wait for cups to do it. Works well. As you noted in
a another email generating a key at install time rather than
runtime is appropriate.


>
> Anyways, looking at the ldd output you provided, this cupsd is
> linked against OpenSSL, and the automatic certificate generation
> is currently only supported with GNU TLS - the OpenSSL APIs for
> key and certificate generation are quite primitive, and we didn't
> have time to duplicate all of the openssl CLI tool code to do
> it...
>
> If you'd like to see this functionality, post a RFE on the CUPS
> bug page:
>
>     http://www.cups.org/str.php
>
>> Second, I added a printer successfully after doing the key generating
>> but then a second later it claims permission denied even though I
>> checked
>> and the printer had indeed been added.
>
>
> Might be the set-printer-options redirect was being refused - any
> errors in the error_log file?

Ok. I didn't really see anything but perhaps I didn't closely enough.


>
>> Is the encrpytion requirement hardwired? Because I tried saying
>> Encryption Never,(yes
>> I know this wouldn't be a good idea, just experimenting)  see cups.conf
>> below.
>
>
> The DefaultEncryption directive kicks in whenever authentication is
> required.  Using "DefaultEncryption Never" should be sufficient to
> disable the encryption requirement.
>
Ok.

More information about the cups mailing list