Changes between Initial Version and Version 1 of Ticket #834, comment 3
- Timestamp:
- 11/17/15 19:56:06 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #834, comment 3
initial v1 3 3 1) I am not about to remove password of a cert key, since it's usually a bad security practise (considering the server get compromised, the cert will have to be revoked, etc.). 4 4 On top of that, as explained, I never had problems on Apache2 using a password protected key Cert file. When I run Apache service, password is well asked. I can not consider the solution of removing the password, when other solutions work properly. 5 I also checked ssl_password_file proposal. Storing the password in that way would set the security system as if no password was set on the key cert file. Therefore, I can't follow that solution neither.5 I also checked ssl_password_file proposal. Storing the password in that way would set the security system as if no password was set on the key cert file. Therefore, I can't -as well- follow that solution. 6 6 7 7 2)''' What I fail to understand, if it is a bug, or a feature is the following :''' Nginx, when run as command line '''asks me''' for my cert key password and runs correctly. Why this behaviour can't be applied on a service ?
