Re: SSL certificate pass phase in apache



Oops, did not read your email at all it seems.
But if someone could get their hands on the passgenerator, they'd be able to access the key anyhow?

Hi all
I know that I can remove password of my private key using this command:
openssl rsa -in foo_key.pem -out foo_keyclear.pem

But,I don't like this,because I should save private key without any protection on server,and if sombody access this file,he can easily generate a dummy "valid certificate" from same Issuer.
Is this the way that normally used on servers for thier SSL?
They won't use:
SSLPassPhaseDialog exec:cert/passgenerator
for sending pass to apache and then protect that pass generator?

Regards

---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse. Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------



---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse. Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------



Relevant Pages

  • RE: Security Simplification
    ... Subject: Security Simplification ... BigFix ... engine. ... BigFix enables continuous discovery, assessment, remediation, ...
    (Security-Basics)
  • Re: Overwriting an uninitialized local variable in PHP
    ... BigFix ... BigFix enables continuous discovery, assessment, remediation, ... and enforcement for complex and distributed IT environments in real-time ...
    (Security-Basics)
  • Re: Hacking Book / Information
    ... I am looking for a good book of hacking. ... BigFix ... BigFix enables continuous discovery, assessment, remediation, ...
    (Security-Basics)
  • RE: General question
    ... a senior partner asked my boss why morale in our department ... than you the security analyst because they DO MORE THINGS? ... BigFix ... and operations engine. ...
    (Security-Basics)
  • RE: General question
    ... Information Security Manager ... BigFix ... engine. ...
    (Security-Basics)