Name

SSLPassPhraseDialog

Synopsis

                     SSLPassPhraseDialog 
                     type
                  

[server config]

Sets the type of dialog used to get the administrator’s pass phrase for accessing encrypted private keys. The administrator needs to provide this information during server startup. The valid types are:

builtin

This uses an interactive dialog at the terminal at startup. The administrator provides the pass phrase for each encrypted private key file. There is a reuse mechanism for multiple keys used on virtual hosts. Pass phrases will automatically be retried to see if it can be used for multiple key files, thus saving some input.

exec: /path/script

This option calls a program at startup to produce the pass phrase however it sees fit, and send it to stdout for use with the terminal dialog described by the builtin option. The script is called with two arguments. The first argument is servername:portnumber, The second is either RSA or DSA, which is determined by the encryption used by the key file. This method is very flexible, and the administrator can provide any number of security checks to the process.

Get Webmaster in a Nutshell, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.