fre 2006-04-21 klockan 09:43 -0400 skrev DGeorgie@xxxxxxxxx: > Thank you for the advice Vince. I received before similar advice from > Henrik Nordstrom and already tested the https_port directive with Apache. > It worked really easy. > The only thing that missed is Squid's capability to provide pass phrase > for the private encrypted key at the start up. Apache does that. See the SSL update patch or Squid-3.. it allows you to specify a program supplying the key encryption password. Or alternatively start Squid in the foreground with the -N option. Please note that having the pass phrase in the config file or similar more or less equals to have the key unencrypted on disk. There is only a security benefit in storing the key encrypted if the admin is somehow queried for the password on startup. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
