fre 2006-04-21 klockan 09:43 -0400 skrev [EMAIL PROTECTED]: > Thank you for the advice Vince. I received before similar advice from > Henrik Nordstrom and already tested the https_port directive with Apache. > It worked really easy. > The only thing that missed is Squid's capability to provide pass phrase > for the private encrypted key at the start up. Apache does that.
See the SSL update patch or Squid-3.. it allows you to specify a program supplying the key encryption password. Or alternatively start Squid in the foreground with the -N option. Please note that having the pass phrase in the config file or similar more or less equals to have the key unencrypted on disk. There is only a security benefit in storing the key encrypted if the admin is somehow queried for the password on startup. Regards Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
