CUPS uses self-signed certificate after upgrading to UCS 4.3

ssl
cups
ucs-4-3

#1

Hello,

after upgrading to UCS 4.3 CUPS uses a self-signed certificate:

# ls -l /etc/cups/ssl/
insgesamt 8
lrwxrwxrwx 1 root root   46 Apr 11 11:15 server.crt -> /etc/univention/ssl/ucsmaster.home.dg/cert.pem
lrwxrwxrwx 1 root root   49 Apr 11 11:15 server.key -> /etc/univention/ssl/ucsmaster.home.dg/private.key
-rw-r--r-- 1 root root 1375 Apr 11 14:16 ucsmaster.home.dg.crt
-rw-r--r-- 1 root root 1675 Apr 11 14:16 ucsmaster.home.dg.key

The instructions in /etc/univention/templates/files/etc/cups/cups-files.conf regarding SSL are disabled:

# SSL/TLS certificate for the scheduler...
#ServerCertificate ssl/server.crt

# SSL/TLS private key for the scheduler...
#ServerKey ssl/server.key

Is there a reason or is this a bug? The JoinScript creates still the symbolic links.

Kind regards,
SirTux


#2

Same Problem here.
I “fixed” it with symlinking HOSTNAME.crt und .key to /etc/univention/ssl/HOSTNAME/cert.pem and /etc/univention/ssl/HOSTNAME/private.key.
Is this the way to do it and WHY is a self-signed certificate being used?
It makes shared printers for windows users unusable (no connection possible).
Thanks,
Christian