I had such a request to have such server start alone without human intervention.
If you want a little more secure solution. You can for example, hardcode a 3DES key in your server, to encrypt/decrypt the PEM pass phrase, and eventually mess the result a little (but in a way you can reconstruct it). And store this encrypted pass phrase in a file (or registry, or ...). ( You can add something host dependent to the pass phrase before crypting it, so it will only work on this host ) It's only a little more secure. But it's better than nothing. -----Original Message----- From: Jostein Tveit [mailto:[EMAIL PROTECTED] Sent: mardi 11 novembre 2003 14:55 To: [EMAIL PROTECTED] Subject: Re: PEM pass phrase hard coded "cau.m" <[EMAIL PROTECTED]> writes: > How can i make an unencrypted private key ? By not specifying any symmetric encryption algorithm when creating the private key. If you are using openssl genrsa, do not supply -des or -des3 at the command line. This is also mentioned in the key-FAQ at <URL: http://www.openssl.org/docs/HOWTO/keys.txt > -- Jostein Tveit ([EMAIL PROTECTED]) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
