Because it'll decrypt them to plain files on file system (best is a
temporary file ) so that they be used further by SSL services. The
idea is to decrypt not to real file system (where thay can be easily
stolen by modern malware) but to pseudo (in-memory) files which can't
be read & passed to subpr
On Sunday 22 April 2012 13:39:32 Ivanko B wrote:
> Because it'll decrypt them to plain files on file system (best is a
> temporary file ) so that they be used further by SSL services.
AFAIK OpenSSL decrypts encrypted private keys directly into the internal data
structures without intermedate file
AFAIK OpenSSL decrypts encrypted private keys directly into the internal data
structures without intermedate file.
=
Sure, but not only private keys but some other SSL related files - for
instance, local CA files, some sensitive data in certificate files
etc.
2012/4/22, Martin Schreiber
On Sunday 22 April 2012 23:20:16 Ivanko B wrote:
> AFAIK OpenSSL decrypts encrypted private keys directly into the internal
> data structures without intermedate file.
> =
> Sure, but not only private keys but some other SSL related files - for
> instance, local CA files, some sensitive dat
Local CA files etc files planned to be more secure ( additional
encryption layer/pass ).
2012/4/23, Martin Schreiber :
> On Sunday 22 April 2012 23:20:16 Ivanko B wrote:
>> AFAIK OpenSSL decrypts encrypted private keys directly into the internal
>> data structures without intermedate file.
>>
5 matches
Mail list logo
