Feature #2242
closedPatch to add support for SSL passphrase via config file
Description
Lighttpd supports SSL passphrase input via stdin. In some cases, it is more convenient to be able to specify a passphrase via a config entry. The attached patch adds a new option ssl.passphrase that allow to do just that.
Files
Updated by jpc over 14 years ago
This is an updated version of the patch against 1.4.28 release
Apply with: patch -p0 -i lighttpd-ssl-passphrase-config-1.4.28.diff
Any change to see this included in 1.4.29?
Updated by nitrox over 14 years ago
Why not remove the pass? You most certainly start lighty as root, so chown the cert accordingly and just remove the pass?
I don´t see any benefit (in case of security) to use the pass at all - if you set perms right - or it might be even worse if you also store it at lighty´s config file.
Updated by jpc over 14 years ago
We have a specific use case for this feature.
I think that the security choice should be left to the sys admin, e.g. do not use a passphrase or use a passphrase and enter it on the prompt or use a passphrase from config file.
Updated by nitrox almost 14 years ago
- Status changed from Patch Pending to Wontfix
Also available in: Atom