1 |
Stefan wrote: |
2 |
|
3 |
>On Fri, 22 Oct 2004 09:19:25 +0800, Wang Penghui <wangpenghui@××××××.com> wrote: |
4 |
> |
5 |
> |
6 |
>>Hi all: |
7 |
>> |
8 |
>>If i add ssl cert to my apache server,then when i restart the server i |
9 |
>>have to enter the Pass Phrase. I wonder that if i restart my server box. |
10 |
>>And the apache was exist in the runlevel default, what would happen when |
11 |
>>i don't input the Phrase? Does it wait until i enter the password, or |
12 |
>>ignore this to start other servers? |
13 |
>>Because my server box is not nearby me. So i have to login it remotely. |
14 |
>>If the apache server wait until i enter the Phrase i think i need to |
15 |
>>clear out it from default runlevel. |
16 |
>> |
17 |
>>Thanks very much. |
18 |
>> |
19 |
>> |
20 |
>> |
21 |
> |
22 |
>As far as I now the server will stop untill you enter a valid |
23 |
>password. Now you can do (atleast) 2 things. |
24 |
> |
25 |
>1. Remove the apache service from the default runlevel. |
26 |
>2. Add an entry to your httpd.conf like this: |
27 |
> |
28 |
>SSLPassPhraseDialog exec:/usr/local/apache/bin/appasswd |
29 |
> |
30 |
>Create a file, in the example above that would be the file: |
31 |
>/usr/local/apache/bin/appasswd. Put something like this in the file |
32 |
> |
33 |
>#!/bin/sh |
34 |
> |
35 |
>echo "PASSWD" |
36 |
> |
37 |
>Make sure this file is not readable for the world, etc. Ofcourse this |
38 |
>is not a really secure solution. :) |
39 |
> |
40 |
>Regards, |
41 |
> |
42 |
>Stefan |
43 |
> |
44 |
> |
45 |
> |
46 |
The other solution is to remove the password from your Apache server |
47 |
certificate. |
48 |
modssl.org has a FAQ on how to do it, it mentions Stefan's alternative |
49 |
solution too.. |
50 |
* |
51 |
How can I get rid of the pass-phrase dialog at Apache startup time? |
52 |
http://www.modssl.org/docs/2.8/ssl_faq.html#remove-passphrase |
53 |
|
54 |
Also take note of the mentioned security precautions. |
55 |
|
56 |
|
57 |
* |