Hi, I'm Beatriz and I'm a student at the Santa Catarina State University.

Currently, I'm studying the Fedora Release Life Cycle, and would like to know if anyone could help me with some questions about this subject:
  1. I understand that the services used to build nightly composes use TLS. For example, the communication between Koji and Bodhi, the connection between Koji and Pungi, and the communication between Pungi and the /mnt/koji/compose repository (https://kojipkgs.fedoraproject.org/compose/) use TLS. But it was unclear whether these TLS certificates are generated internally or whether they are generated by a public CA (e.g., Let's Encrypt).
  2. Do clients use the trust anchors from the ca-certificates package or do they have a list of their own?

--
Best regards,
Beatriz

Santa Catarina State University - UDESC