On Tue, Apr 28, 2009 at 1:16 AM, Mike Lyon <mike.lyon@xxxxxxxxx> wrote: > It's another link in the security of that certificate... I'd prefer to keep > it. It guarantees continuity from the creation of the CSR until you get the > cert back from the CA. The passphrase is on the key, not the certificate. The key should never leave your server. You could have created your original key without a passphrase even, and the CA wouldn't have known it. Having the certificate itself encrypted is pointless, as you will be handing it out to anyone contacting your server. Krist -- krist.vanbesien@xxxxxxxxx krist@xxxxxxxxxxxxx Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|