On Tue, Apr 28, 2009 at 1:16 AM, Mike Lyon <mike.lyon@xxxxxxxxx> wrote:The passphrase is on the key, not the certificate. The key should
> It's another link in the security of that certificate... I'd prefer to keep
> it. It guarantees continuity from the creation of the CSR until you get the
> cert back from the CA.
never leave your server. You could have created your original key
without a passphrase even, and the CA wouldn't have known it.
Having the certificate itself encrypted is pointless, as you will be
handing it out to anyone contacting your server.
Krist
--
krist.vanbesien@xxxxxxxxx
krist@xxxxxxxxxxxxx
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|