Name
SSLPassPhraseDialog
Synopsis
SSLPassPhraseDialog
type
[server config]
Sets the type of dialog used to get the administrator’s pass phrase for accessing encrypted private keys. The administrator needs to provide this information during server startup. The valid types are:
-
builtin
This uses an interactive dialog at the terminal at startup. The administrator provides the pass phrase for each encrypted private key file. There is a reuse mechanism for multiple keys used on virtual hosts. Pass phrases will automatically be retried to see if it can be used for multiple key files, thus saving some input.
-
exec:
/path/script
This option calls a program at startup to produce the pass phrase however it sees fit, and send it to
stdout
for use with the terminal dialog described by thebuiltin
option. The script is called with two arguments. The first argument isservername:portnumber,
The second is eitherRSA
orDSA
, which is determined by the encryption used by the key file. This method is very flexible, and the administrator can provide any number of security checks to the process.
Get Webmaster in a Nutshell, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.