kloomis wrote:
Advantage: You can use the key without supplying a passphrase, this simplifies for example the startup procedure of an SSL enabled Apache server Disadvantage: You can use the key without supplying a passphrase, this is very bad if someone can read privkey.pem who should not.Hello:I have some directions on how to build a self-signed certificate which consists of 5 steps.1) create a key and a request 2) Remove the passphrase from the key (optional) 3) sign the certificate 4) install the cert and the key 5) set the SSLConf to point to the cert and the key. My question is what are the effects of removing the passphrase from key?
Is the data still encrypted?No. Even if it were it would be no use since everyone could decrypt it without a passphrase.
Also, does anything in the process need the privkey.pem file that is created once the cert and key are created?privkey.pem is not needed by the process of certificate generation once the request is generate, but you'll need it once you want to use this certificate to authenticate yourself, for example when opening a SSL connection or signing an email.
I'm not sure if i did understand your problem, in case I missed please clarify your needs.Thanks, Ken
Hope it helps, Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
smime.p7s
Description: S/MIME Cryptographic Signature