[Gllug] Apache mod_ssl

[Ian Norton]

Doug Winter wrote:
> will wrote:
> 
> generally in real life the password is kept in a text file on the same 
> machine, and then the password entering phase of server start up is 
> faked using, as someone else said, some crappy perl script.  that is no 
> more secure than no password at all, so it seems much simpler just to 
> remove the encryption completely.

My nasty perl, expect thing didnt store the password locally, it was 
sent via ssh, i had another box testing to see if the https server was 
still up each hour, if it failed, i used ssh with key authentication to 
remotely execute the init script and confirm each cert in turn,

very nasty, so nasty in fact that i dont even have the script anymore

Ian
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug