23 Nov
2010
23 Nov
'10
8:28 a.m.
"Avinash Gaonkar" agaonkar@gmail.com wrote:
How can we configure ssl key passphrase in stunnel config file. for. eg SSLPassPhraseDialog exec:/path/to/passphrase-file parameter we have in apache, so no need to key in password every time when we restart service.
Passphrase in a file is a very bad idea. It makes the solution more complex without any security benefit (in fact it makes things even worse if you re-use your passphrase anywhere else). Simply decrypt your private key instead and use filesystem permissions to protect it.
Mike