Solved

Apache doesn't ask me for server.key password when starting up.

Posted on 2008-10-30
2
332 Views
Last Modified: 2013-11-24
Mac OS 10.4, with the installed version of Apache

I have (finally) figured out how to get SSL running.  For the moment I have an unencrypted key in the directory where Apache Looks.   The permissions are only the Root and Wheel can read.

I had to do this because when Apache starts, there is no message for me to enter my passphrase manually.

If I could get this alert to appear, then I would participate in this higher security practice.

I don't know where to look to do this.

Thanks.
0
Comment
Question by:computerlarry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Assisted Solution

by:DJDecay
DJDecay earned 100 total points
ID: 22846025
Many folks operate their SSL webservers in this way, where they have a key file w/o a passphrase on it. This is normal. If the machine reboots, it will prompt you for a key, if you cannot supply it, the server is hung. If you put it into a text file to auto echo it, what is the purpose of having a passphrase on the key in the first place.
 
0
 
LVL 2

Accepted Solution

by:
artms earned 400 total points
ID: 22925116
SSL private key is only read when apache is started and after that it doesn't need them. So you can make those private keys only readable to root (chmod 0600 your_private_key), it will be quite secure, not secure againts root exploit, because attacker will be able to read your private keys when he is root!, but in this case attacker can put so rootkit which will log password you enter when apache is started...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The /etc/authorization file in Mac OS X 10.x can be used to control access to the various panes of the System Preferences amongst other things. It’s used by some of us Mac Sys Admin’s to give Standard Users access to System Prefs panes that only adm…
In this article we will discuss some EI Capitan Mail app issues and provide some manual process to resolve them.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question