RE: server.key

Fri, 08 Sep 2000 08:48:57 -0700 

Another thing to note here.  A single Apache instance will use the same
passphrase value for all keys; therefore, someone hacking one key
successfully will be able to decrypt all the others as well.

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Adrian Stovall
> Sent: Friday, September 08, 2000 11:25 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: server.key
>
>
> I will agree that this is true, however...the odds of someone getting (by
> hacking your system?) _one_ key is probably about the same as them getting
> all of your keys, if they've gotten that far into your machine.
> Once basic
> security is overrun, everything else is out the window.
>
> > -----Original Message-----
> > From: Giuliano Cocchi [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, September 08, 2000 2:21 AM
> > To: [EMAIL PROTECTED]
> > Subject: RE: server.key
> >
> >
> > Yes it's true.
> > Create a server key for each domain hosted.
> >
> >
> > >
> > > I disagree...
> > >
> > >
> > > Technically it will work, but if someone gets that _one_
> > key, they can
> > > impersonalte ALL of your secure sites.  I don't think that
> > is a very good
> > > idea.  It is not that hard to create a key for each certificate you
> > > request, and it is MUCH more secure.
> > >
> > >
> > >
> > >
> > > Rick Widmer
> > > Internet Marketing Specialists
> > > http://www.developersdesk.com
> > >
> > ______________________________________________________________________
> > > Apache Interface to OpenSSL (mod_ssl)
> > www.modssl.org
> > > User Support Mailing List
> > [EMAIL PROTECTED]
> > > Automated List Manager
> > [EMAIL PROTECTED]
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> > User Support Mailing List                      [EMAIL PROTECTED]
> > Automated List Manager                            [EMAIL PROTECTED]
> >
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> User Support Mailing List                      [EMAIL PROTECTED]
> Automated List Manager                            [EMAIL PROTECTED]
>

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to