On Tue, Aug 10, 1999, Joseph Mack wrote:
> I have different passphrases for each server. I want the servers to come
> up on bootup without being prompted for a passphrase so in the mod_ssl
> section I point to a script that echoes a passphrase. There is only space
> in the mod_ssl section for one passphrase script. How do I start multiple
> secure servers this way?
Then I recommend you to read the user manual more carefully (hmmmm):
| <p>
| <li><code>exec:/path/to/program</code>
| <p>
| Here an external program is configured which is called at startup for each
| encrypted Private Key file. It is called with an argument of
| ``<code>servername:portnumber</code>'' for which it has to print the
| corresponding Pass Phrase to <code>stdout</code>. The intent is that this
| external program first runs security checks to make sure that the system
| is not compromised by an attacker, and only when these checks were passed
| successfully it provides the Pass Phrase.
Or equally secure/unsecure: remove the pass phrase from both private keys.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
