|
Posted by Ramon F Herrera on June 11, 2007, 2:18 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Every time I add a cert to a web server (to support https://) I have
> to be around and type the passphrase at reboot time.
>
> I have tried two kinds of certs:
>
> (1) cd /usr/share/ssl/certs; make testcert
>
> and
>
> (2) make server.pem
>
> In case (2) the resultant cert is RSA and it doesn't need a password.
> I have to extract the 2 components manually from the .pem file and
> save them in separate files server.crt and server.key
>
> In case (1) the resultant cert is DSA and needs a password.
>
> It seems that (1) is more secure, but it requires the password to be
> typed.
>
> Is there a way to prevent the interactive password typing?
>
> Comments?
>
> TIA,
>
> -Ramon
Correction: it seems like in both cases (1) and (2) the key is RSA.
-RFH
| 
XML site map