Re: apache

From: Doug Barton (DougB@FreeBSD.org)
Date: 04/25/02

• Next message: ANdrei: "sorry"
• Previous message: ANdrei: "apache"
• In reply to: ANdrei: "apache"
• Next in thread: Marc Rogers: "Re: apache"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 25 Apr 2002 12:07:00 -0700 (PDT)
From: Doug Barton <DougB@FreeBSD.org>
To: ANdrei <andrei@abc.ro>

[ I'm sorry to say, this topic isn't appropriate for freebsd mailing
lists. It's purely an apache question. ]

On Thu, 25 Apr 2002, ANdrei wrote:

> let me give you a scenario that i want solved :)
>
> i have a webserver that needs to run apache with SSL (httpd -SSL, if i
> remember correctly), but the server is not considered to be secure
> enough to have an unencrypted key on it's hard drives... so the key is
> crypted, but then, again, apache is unable to start with SSL enabled if
> somebody doesn't enter the passphrase by hand... i'm talking about
> apache with mod-ssl, it's one of many big servers, and any minute of it
> not being up is a big pain in the ass, so starting apache on every
> server every time by entering the passphrase by hand is not what i am
> looking for... starting it from a script where the passphrase is plain
> text is also considered to be insecure for what i need....

You can't have it both ways. If you want the key to be encrypted, the
password has to be entered when the server starts up. Any automated
solution would be sufficiently insecure by nature, and roughly equivalent
to leaving the password unencrypted.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: ANdrei: "sorry"
• Previous message: ANdrei: "apache"
• In reply to: ANdrei: "apache"
• Next in thread: Marc Rogers: "Re: apache"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: apache ... > i have a webserver that needs to run apache with SSL (httpd -SSL, ... > somebody doesn't enter the passphrase by hand... ... > server every time by entering the passphrase by hand is not what i am ... The solution that i opted for was to create a server on a secure network ... (FreeBSD-Security) Re: apache question ... # Based upon the NCSA server configuration files originally by Rob McCool. ... # configuration directives that give the server its instructions. ... Directives that control the operation of the Apache server process as ... (alt.php) Re: Apache and SSL ... # Based upon the NCSA server configuration files originally by Rob McCool. ... # This is the main Apache server configuration file. ... # configuration directives that give the server its instructions. ... (RedHat) Re: Apache vs IIS ... Windows Server not on my Linux Server so there for I would chose IIS. ... Not that Apache is bad but ASP.NET is far easier and faster to create good web forms in. ... PHP on a IIS server is rather easy to run once you install PHP on a PC but if you only use PHP why not use Apache for Windows. ... (alt.php) Re: webalizer ... I'm trying to get webalizer and apache working together. ... # Based upon the NCSA server configuration files originally by Rob McCool. ... # configuration directives that give the server its instructions. ... (freebsd-questions)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint