skye> What function do you call to avoid the 'Enter PEM pass phrase:' prompt?
skye> Just won't do; the daemon needs to be started from an rc script.
One way to do it is to write a password callback that you register
through SSL_CTX_set_default_passwd_cb().
However, this means that you need to pr
If you remove the password encryption on your private key,
I believe you won't be getting this (it's what I belive
most people do that configure SSL servers to auto start on
boot without manual intervention).
If memory serves, I believe something like
req -key INPUT_KEY_FILE -keyout OUTPUT_KEY_F
There was a bit of a food fight about this subject here last year.
What you need to have for unattended startup is an unencrypted private key.
There are obvious security implications.
Skye Poier is supposed to have written:
>
> What function do you call to avoid the 'Enter PEM pass
> phrase:'
> Chris Kopp wrote:
>
> When I try to strip the password encryption off of the private key, as
> described below, I get the following error:
>
> req -key keyrq.txt -keyout test.key -nodes -config openssl.cnf
> unable to load Private key
> 344:error:02001002:system library:fopen:system
> lib:tmp3
When I try to strip the password encryption off of
the private key, as described below, I get the following error:
req -key keyrq.txt -keyout test.key -nodes -config
openssl.cnf
unable to load Private
key344:error:02001002:system library:fopen:system
lib:tmp32dll\bss_file.c:103:fopen('.oid
Tugrul Bingol wrote:
> Is there any way to get the password necessary for "PEM pass phrase"
> from a file?
Drugs, hypnosis, torture are some of the more common effective methods.
__
OpenSSL Project
This needs to be a FAQ I think.
Probably what you want to do is have the private key be decrypted. You can
do this with the "openssl rsa" command (if you're using an RSA private key,
which you probably are).
Make sure you understand the security implications of this move.
> -Original Messag
Don't be rude !!! If you know the answer you may help, if you don't, don't
keep list busy.
Michael Sierchio wrote:
> Tugrul Bingol wrote:
>
> > Is there any way to get the password necessary for "PEM pass phrase"
> > from a file?
>
> Drugs, hypnosis, torture are some of the more common effecti
Tugrul Bingol wrote:
>
> Don't be rude !!! If you know the answer you may help, if you don't, don't
> keep list busy.
Oh, I know the answer, if you could state the question in a way that is
specific and doesn't waste everyone's time speculating what it is you
want.
How's this: I won't be rude i
I think the larger question is "What are you trying to accomplish?"
If you want to remove the passphrase that protects a private key, you can
do that as loing as you know the passphrase. Check the list archives for
details on this.
If you want to find out the passphrase protecting a pem file,
yes
"Patrick Li"
<[EMAIL PROTECTED]>
Hi Patrick,
Regarding all Openssl functions, since the encryption and authentication methods
used here are a common knowledge, you must use a unique password in order to
protect your own data. Otherwise, everybody will be able to figure out your
information out of the "encrypted" file. Anyway, us
m: Jostein Tveit [mailto:[EMAIL PROTECTED]
Sent: mardi 11 novembre 2003 14:55
To: [EMAIL PROTECTED]
Subject: Re: PEM pass phrase hard coded
"cau.m" <[EMAIL PROTECTED]> writes:
> How can i make an unencrypted private key ?
By not specifying any symmetric encryption algorithm when
13 matches
Mail list logo