On Apr 5, 2013, at 19:33 , Morgen Sagen wrote: > Calendar server uses a couple different mechanisms to acquire a certificate's > passphrase: > > 1) It will run the program specified in caldavd.plist "SSLCertAdmin", which > defaults to /Applications/Server.app/Contents/ServerRoot/usr/sbin/certadmin > on OS X Server. It passes "--get-private-key-passphrase > /path/to/private.key" to that program which returns the passphrase on stdout. > > 2) It will run the program specified in caldavd.plist "SSLPassPhraseDialog", > which defaults to /etc/apache2/getsslpassphrase. It determines whether the > key type is DSA or RSA, and then <serverhostname>:<port> <keytype> to that > program which returns the passphrase on stdout. > > You could try configuring the SSLPassPhraseDialog key to an appropriate > program on your system. The problem is I don't know if this will work if the > program you specify needs to interact with a tty to prompt for the passphrase > because the calendar server worker processes don't have a tty as far as I > know. >
Glyph, Fred and Morgen, thanks for your help on this issue. I confirm that once I strip the password from the key, caldavd works as expected. I will check whether I can use security(1) tool in place of SSLPassPhraseDialog (with some modifications to caldavd's code), as I don't have certadmin on my Mac OS X. Thanks once again, Nikola _______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/calendarserver-users
