Project

General

Profile

Actions

Feature #2242

closed

Patch to add support for SSL passphrase via config file

Added by jpc over 13 years ago. Updated almost 13 years ago.

Status:
Wontfix
Priority:
Normal
Category:
core
Target version:
-
ASK QUESTIONS IN Forums:

Description

Lighttpd supports SSL passphrase input via stdin. In some cases, it is more convenient to be able to specify a passphrase via a config entry. The attached patch adds a new option ssl.passphrase that allow to do just that.


Files

Actions #1

Updated by jpc about 13 years ago

This is an updated version of the patch against 1.4.28 release

Apply with: patch -p0 -i lighttpd-ssl-passphrase-config-1.4.28.diff

Any change to see this included in 1.4.29?

Actions #2

Updated by nitrox about 13 years ago

Why not remove the pass? You most certainly start lighty as root, so chown the cert accordingly and just remove the pass?

I don´t see any benefit (in case of security) to use the pass at all - if you set perms right - or it might be even worse if you also store it at lighty´s config file.

Actions #3

Updated by jpc about 13 years ago

We have a specific use case for this feature.

I think that the security choice should be left to the sys admin, e.g. do not use a passphrase or use a passphrase and enter it on the prompt or use a passphrase from config file.

Actions #4

Updated by Olaf-van-der-Spek about 13 years ago

What would that use case be?

Actions #5

Updated by nitrox almost 13 years ago

  • Status changed from Patch Pending to Wontfix
Actions #6

Updated by stbuehler almost 13 years ago

  • Target version deleted (1.4.x)
Actions

Also available in: Atom