[Gllug] Apache mod_ssl

Ian Norton inorton at iee.org
Mon Aug 9 17:13:06 UTC 2004

Doug Winter wrote:
> will wrote:
> generally in real life the password is kept in a text file on the same 
> machine, and then the password entering phase of server start up is 
> faked using, as someone else said, some crappy perl script.  that is no 
> more secure than no password at all, so it seems much simpler just to 
> remove the encryption completely.

My nasty perl, expect thing didnt store the password locally, it was 
sent via ssh, i had another box testing to see if the https server was 
still up each hour, if it failed, i used ssh with key authentication to 
remotely execute the init script and confirm each cert in turn,

very nasty, so nasty in fact that i dont even have the script anymore

Gllug mailing list  -  Gllug at gllug.org.uk

More information about the GLLUG mailing list