httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Foster, Stephen \(ASPIRE\)" <steve.fos...@hmrcaspire.com>
Subject RE: [users@httpd] impossible restart apache2 in mod_ssl with 2 pass phrases
Date Wed, 18 Jul 2007 16:02:17 GMT
Hi,

why not strip the passphrase from the keys and then protect the keys from prying eyes. e.g:

http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#removepassphrase

Then you will never be prompted for the passphrase on startup.

its no less secure than calling a password from a script.

HTH

Steve

-----Original Message-----
From: Karim Hamed-abdelouahab [mailto:karim.ha@gmail.com]
Sent: 18 July 2007 14:01
To: users@httpd.apache.org
Subject: [users@httpd] impossible restart apache2 in mod_ssl with 2 pass
phrases


Hello everbody,

Environnement: Linux Fedora core 3, Apache/2.2.0

I wanna to restart everyday a apache2 server using a script. The crond
should start the srcipt.

The problem is that I have a pass phrase to secure each certificat.
And I have more that two domains using differents certificats so using
differents pass phrases to start properly. How can I do that?

Indication: I have writen a shell script to restart the httpd server
but for one certificat not for two. I used :
SSLPassPhraseDialog  exec:/usr/local/apache2/bin/passPhrase.sh

And passPhrase script is very simple, it's a stdout of the passphrase.

Thank you in advance.
Karim

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Capgemini is a trading name used by the Capgemini Group of companies which includes Capgemini
UK plc, a company registered in England and Wales (number 943935) whose registered office
is at No. 1 Forge End, Woking, Surrey, GU21 6DB.
This message contains information that may be privileged or confidential and is the property
of the Capgemini Group. It is intended only for the person to whom it is addressed. If you
are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate,
distribute, or use this message or any part thereof. If you receive this message in error,
please notify the sender immediately and delete all copies of this message.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message