I have never found that 'risky' to be true, what risk ?? If someone cracks your server, and can find (and cares to find) the cert and ... does what with it ?? -- I'm sure there is a theoretical problem, but what is the real risk ?
Also, if you (meaning Mike) are doing a soft restart, not a shutdown/ restart the cert is NOT reloaded - and that is all that is needed to add virtual hosts. Not sure what apachectl does this, but a HUP of the main apache process is what you want. On Wed, 2 Jan 2002, Tech wrote: > It is 'risky' but you can remove the PEM from the cert... > > f) remove passphrase from server key (so httpd will start) > i) cd private > ii) mv serverkey.pem serverkey.pem.orig > iii) openssl rsa -in serverkey.pem.orig -out > serverkey.pem > ) > > :) > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Biz-Ops - OpenSRS > Sent: Wednesday, January 02, 2002 9:01 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: Hosting Systems > > Problem their is that I have a password on my certificate (ssl) so I bet > the > re-start on the fly will cause trouble? That really sucks that Apache > requires a restart every time a v-server is added. That can actually > cause a > sale on a site to plunder.... I am so confused anymore, sometimes I > think I > should just pour gas over the server and have a cigarette... ;) Rich Roth Domain Registrar @ On-the-Net.com
