Old topic ssl private key with passphrase
Aleksandar Lazic
al-nginx at none.at
Thu Apr 24 11:03:21 UTC 2014
Hi.
Am 24-04-2014 10:54, schrieb Maxim Dounin:
> Hello!
>
> On Wed, Apr 23, 2014 at 08:32:57PM +0200, Aleksandar Lazic wrote:
>
>> Hi.
>>
>> Am 23-04-2014 18:19, schrieb Maxim Dounin:
[snipp]
>> I also agree that this is a very hard task.
>>
>> >So the question is: why do you need it?
>>
>> If you want to get a specific certificate for some standars.
>
> Well, that's not about security either, and completely
> non-technical.
>
> I've seen "certifications" requiring to use software with known
> remote code execution vulnerabilities, and I'm quite sceptical
> about doing something just because of certification requirements,
> without understanding the reasons behind them (if any).
>
> Anyway, if you know a standard which requires storing of
> keys in password-protected forms only - please point it out.
Okay.
BR Aleks
More information about the nginx
mailing list