Author: Tom Kistner
Date:
To: Johannes Lämmermann, exim users
Subject: Re: [exim] TLS with crypted key
Johannes Lämmermann wrote:
> I don't want my TLS private key insecure and unencrypted,
> as I'm not the only root user on the server. With Apache Webserver
> it works like a charm. When I start apache, I get prompted for the
> key's passphrase.
Another 'root' user could simply dump an apache core and retrieve the
decrypted key from it, so this is just security by obscurity.
> I wondered, whether exim4 is also able to do so?
> I couldn't find anything, related to my problem, on the web
> so I hope at least you guys can give me an answer.
AFAIK this is not possible in Exim, since its OpenSSL initialization is
per-forked-process, so you would have to re-enter your passphrase for
every mail received or sent.