Old topic ssl private key with passphrase

Aleksandar Lazic al-nginx at none.at
Thu Apr 24 11:03:21 UTC 2014


Hi.

Am 24-04-2014 10:54, schrieb Maxim Dounin:
> Hello!
> 
> On Wed, Apr 23, 2014 at 08:32:57PM +0200, Aleksandar Lazic wrote:
> 
>> Hi.
>> 
>> Am 23-04-2014 18:19, schrieb Maxim Dounin:

[snipp]

>> I also agree that this is a very hard task.
>> 
>> >So the question is: why do you need it?
>> 
>> If you want to get a specific certificate for some standars.
> 
> Well, that's not about security either, and completely
> non-technical.
> 
> I've seen "certifications" requiring to use software with known
> remote code execution vulnerabilities, and I'm quite sceptical
> about doing something just because of certification requirements,
> without understanding the reasons behind them (if any).
> 
> Anyway, if you know a standard which requires storing of
> keys in password-protected forms only - please point it out.

Okay.

BR Aleks



More information about the nginx mailing list