Project

General

Profile

Feature #2242

Patch to add support for SSL passphrase via config file

Added by jpc about 9 years ago. Updated about 8 years ago.

Status:
Wontfix
Priority:
Normal
Assignee:
-
Category:
core
Target version:
-
Start date:
2010-08-03
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:
No

Description

Lighttpd supports SSL passphrase input via stdin. In some cases, it is more convenient to be able to specify a passphrase via a config entry. The attached patch adds a new option ssl.passphrase that allow to do just that.

History

#1

Updated by jpc over 8 years ago

This is an updated version of the patch against 1.4.28 release

Apply with: patch -p0 -i lighttpd-ssl-passphrase-config-1.4.28.diff

Any change to see this included in 1.4.29?

#2

Updated by nitrox over 8 years ago

Why not remove the pass? You most certainly start lighty as root, so chown the cert accordingly and just remove the pass?

I don´t see any benefit (in case of security) to use the pass at all - if you set perms right - or it might be even worse if you also store it at lighty´s config file.

#3

Updated by jpc over 8 years ago

We have a specific use case for this feature.

I think that the security choice should be left to the sys admin, e.g. do not use a passphrase or use a passphrase and enter it on the prompt or use a passphrase from config file.

#4

Updated by Olaf-van-der-Spek over 8 years ago

What would that use case be?

#5

Updated by nitrox about 8 years ago

  • Status changed from Patch Pending to Wontfix
#6

Updated by stbuehler about 8 years ago

  • Target version deleted (1.4.x)

Also available in: Atom