[clue-admin] Cert for TLS.
Jeff Cann
president at cluedenver.org
Sun Jul 9 23:16:46 MDT 2006
Collins Richey wrote:
> On 7/9/06, Jed S. Baer <thag at frii.com> wrote:
>
>> My guess is that most
>> people don't use a passphrase-protected key, and just protect the
>> private
>> key as best they can. Otherwise re-booting a shared-hosting server would
>> be a nightmare.
>>
>
> RH in their great wisdom have made it extremely difficult to generate
> a cert that doesn't use passphrase, and as a result we have this
> nightmare on all our servers that run Apache at work. You have to sit
> at the console when booting to enter the passphrase - yegg!
>
FWIW - the Sun ONE web server has a way to specify the key in a file
that is set to permissions of 400. By default for SSL-enabled web
servers, it will prompt.
I don't know if apache has a similar work around / security hack for
unattended reboots.
Jeff
More information about the clue-admin
mailing list