Date: Thu, 25 Apr 2002 21:58:47 +0300 From: ANdrei <andrei@abc.ro> To: security@freebsd.org Subject: apache Message-ID: <3CC851E7.3529C7AB@abc.ro>
next in thread | raw e-mail | index | archive | help
let me give you a scenario that i want solved :) i have a webserver that needs to run apache with SSL (httpd -SSL, if i remember correctly), but the server is not considered to be secure enough to have an unencrypted key on it's hard drives... so the key is crypted, but then, again, apache is unable to start with SSL enabled if somebody doesn't enter the passphrase by hand... i'm talking about apache with mod-ssl, it's one of many big servers, and any minute of it not being up is a big pain in the ass, so starting apache on every server every time by entering the passphrase by hand is not what i am looking for... starting it from a script where the passphrase is plain text is also considered to be insecure for what i need.... hope smbd had this problem already :) ANdrei and smtg else: i think it would be a great thing for this list and the community if people here stop saying shitwords to each other... if someone's annoying you, say it, but say it nicely, or ignore him... guess most of us feel this way... discussions should be constructive, not a desperate search for weak points in the ideas of others or a search for the "best invective", so they end up imho as "almost spam" when considering this is a "security" list... (don't think of anybody special) ----------------------------------[ http://www.goanga.com ]-- Never take life seriously. _ _ Nobody gets out alive anyway. o' \.=./ `o (o o) -----------------------------------------ooO--(_)--Ooo------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CC851E7.3529C7AB>