[stunnel-users] SSLPassPhraseDialog
Michal Trojnara
Michal.Trojnara at mirt.net
Tue Nov 23 09:28:50 CET 2010
"Avinash Gaonkar" <agaonkar at gmail.com> wrote:
> How can we configure ssl key passphrase in stunnel config file.
> for. eg SSLPassPhraseDialog exec:/path/to/passphrase-file
> parameter we have in apache, so no need to key in password
> every time when we restart service.
Passphrase in a file is a very bad idea. It makes the solution more
complex without any security benefit (in fact it makes things even worse if
you re-use your passphrase anywhere else). Simply decrypt your private key
instead and use filesystem permissions to protect it.
Mike
More information about the stunnel-users
mailing list