On Tue, Sep 12, 2000, Phil Mills wrote:
> Thinking about this some more ... when you start Apache manually, you need
> to type in a passphrase if your private keys are encrypted. How can this be
> achieved if startup is automated ? I suspect it may be a security risk to
> keep the passphrase in a script, even if you could pass it to apachectl
> somehow. Has anybody been here before ?
The usual practice is to remove the passphrase from the key and instead make
sure your system is in a maximum secured state so no one can easily steel your
private key from the file system. For details how to remove the passphrase
from the key have a look into the FAQ.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
