Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cherokee>
  3. dev
Issue 1357 in cherokee: Documentation ommission: important fact on SSL config not mentioned.
cherokee at googlecode
May 3, 2012, 3:07 AM
Post #1 of 4 (1427 views)
Permalink
Status: New
Owner: ----

New issue 1357 by freil...@gmail.com: Documentation ommission: important
fact on SSL config not mentioned.
http://code.google.com/p/cherokee/issues/detail?id=1357

Version: 1.0.4

It would save users much frustration if the cookbook on configuring SSL
mentioned that cherokee-admin is not able to start up a TLS enabled site
that requires a password for the private key. Instead you have to use
cherokee-worker.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev
Re: Issue 1357 in cherokee: Documentation ommission: important fact on SSL config not mentioned. [ In reply to ]
cherokee at googlecode
May 3, 2012, 3:15 AM
Post #2 of 4 (1392 views)
Permalink
Comment #1 on issue 1357 by freil...@gmail.com: Documentation ommission:
important fact on SSL config not mentioned.
http://code.google.com/p/cherokee/issues/detail?id=1357

It would be better still if cherokee-admin was able to prompt the user for
a private key pass phrase in the web interface. In fact this should really
be considered a bug in cherokee-admin because if you try to start a server
that requires a pass phrase, it just hangs there and times out the
connection. There is no helpful error message, just a "cannot load page".

cherokee-worker does not have this problem.

regards
Finnian Reilly

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev
Re: Issue 1357 in cherokee: Documentation ommission: important fact on SSL config not mentioned. [ In reply to ]
cherokee at googlecode
Jun 8, 2012, 6:11 AM
Post #3 of 4 (1342 views)
Permalink
Comment #2 on issue 1357 by pig...@gmail.com: Documentation ommission:
important fact on SSL config not mentioned.
http://code.google.com/p/cherokee/issues/detail?id=1357

You should consider to remove your passphase from your keys.

I would definitely do avoid storing passwords as plaintext.

To remove passphase just:
openssl rsa -in your_key_file -out your_new_key_file.

Also do not compare cherokee-worker with cherokee-admin. Completely
different things.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev
Re: Issue 1357 in cherokee: Documentation ommission: important fact on SSL config not mentioned. [ In reply to ]
cherokee at googlecode
Jun 8, 2012, 9:16 AM
Post #4 of 4 (1339 views)
Permalink
Updates:
Status: Duplicate
Mergedinto: 179

Comment #3 on issue 1357 by ste...@konink.de: Documentation ommission:
important fact on SSL config not mentioned.
http://code.google.com/p/cherokee/issues/detail?id=1357

Prompting for the password from the admin would be an extremely bad thing.
Because the admin is mostly an insecure connection. Local users could
exploit that. We do agree that the 'hanging' of Cherokee is not desired.
Never the less this specific feature request was already made a long time
ago.

I do agree with Pigmej, remove them.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal