[NTLUG:Discuss] Multiple Apache-SSL Servers / Same Pass Phrase
Greg Edwards
greg at nas-inet.com
Tue Jul 1 15:39:28 CDT 2003
Stuart Johnston wrote:
>
>>stronghold, which is apache based. you might want to reconsider using
>>passphrases.....
>
>
> Yes, and we considered doing that but it is a security risk. If you
> have advise on securely using unencrypted certificates, I would
> appreciate it.
>
>
> Because we are using mod_perl. Maybe I'm wrong but I think we need
> seperate instances so that each customer's site will have it's own
> mod_perl environment.
>
Neil Aggarwal might be helpful here. He gave me a good writeup on
installing a cert awhile back.
You don't need a passphrase to be secure. The only place a passphrase
does anything is during server startup. If console access to your
server is secure then not having a passphrase won't compromise your system.
The mod_ssl module will only support 1 host name so virtual hosting is
not possible with SSL. It's not like the other modules, SSL is a server
unto itself. Maybe we can get Neil to explain this better than I can??
nudge-nudge ;)
--
Greg Edwards
New Age Software, Inc. - http://www.nas-inet.com
======================================================
Galactic Outlaw - http://goutlaw.nas-inet.com
The ultimate cyberspace adventure!
More information about the Discuss
mailing list