On Fri, 3 Apr 2009, Michael A. Peters wrote: > After running that and entering my pass phrase, no pass phrase is > required to start the server and it seems like the browsers don't > complain, so I think I'm set, but I thought I'd verify that all > really is well and that doing that isn't going to cause any issues. > > If I understand it correctly, the phrase was needed when Apache > starts in order to decrypt the key, and all I did above was decrypt > the key so that apache doesn't have to, correct? You are correct. As long as you can guarantee limited access to the file containing the key, then storing it in decrypted form is probably worth the risk. On a server with untrusted users, however, I'd keep it decrypted. -- Paul Heinlein <> heinlein@xxxxxxxxxx <> http://www.madboa.com/ _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Apache SSL key pass phrase question
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Apache SSL key pass phrase question
- From: Paul Heinlein <heinlein@xxxxxxxxxx>
- Date: Fri, 3 Apr 2009 13:16:08 -0700 (PDT)
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <49D65FFA.1060401@xxxxxxx>
- References: <49D65FFA.1060401@xxxxxxx>
- User-agent: Alpine 2.00 (OSX 1167 2008-08-23)
- Follow-Ups:
- Re: Apache SSL key pass phrase question
- From: Paul Heinlein
- Re: Apache SSL key pass phrase question
- References:
- Apache SSL key pass phrase question
- From: Michael A. Peters
- Apache SSL key pass phrase question
- Prev by Date: Re: Update for 5.3 failed on subversion and gstreamer-plugins-good
- Next by Date: Re: Apache SSL key pass phrase question
- Previous by thread: Re: Apache SSL key pass phrase question
- Next by thread: Re: Apache SSL key pass phrase question
- Index(es):
 |