[NTLUG:Discuss] Red Hat Secure Webserver

Daniel L. Shipman daniel at srj.net
Fri Jan 28 08:41:13 CST 2000


So - when I got my thawate cert I entered in my PEM pass phrase - BIG
mistake - now every time I want to stop my httpsd server or restart it or
anything I have to enter that stupid PEM pass phrase  - Is it really such a
big security thing that it remains secret?????

If not how can I have a simple shell script that will enter the commands 
httpsd stop
Wait for a second or so then enter the PEM pass phrase 
then enter the command - httpsd

Essentially bringing the httpsd server down and then up for quick
maintenance like adding virtual domains and such without the hassel of
entering the stipid PEM pass phrase.

I don't want to open myself up for security problems by having the PEM pass
phrase open to exploitation - but I have friends who didn't enter a PEM
pass phrase when the signedup for Thawate and they are able to bring the
httpsd server up and down quick and easy just like the httpd commands

Daniel Shipman, VP Internet Services
SRJ Marketing Communications
Phone * 214-528-5775
Fax   * 214-599-0775




More information about the Discuss mailing list