NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Problem (again!) with openssl!

On Mon, 28 Jul 2014, Paul Goyette wrote:

On Mon, 28 Jul 2014, Dave Huang wrote: makes it
sound like there's no configuration setting for the key/certificate
path. Putting a private key in /etc/openssl/certs sounds bad for
security to me, but maybe I'm making it a bigger deal than it really

Well, the contents of certs directory are all set to 644, while the ca.key (in /etc/openssl/private/) is 600, so it also feels bad to me.

More details in the following page (linked from UW pages) make it a bit clearer:

And it also works fine to have the combined file with permissions 600

I feel a bit more secure now!  :)

| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:       |
| Customer Service | FA29 0E3B 35AF E8AE 6651 | paul at    |
| Network Engineer | 0786 F758 55DE 53BA 7731 | pgoyette at |
| Kernel Developer |                          | pgoyette at  |

Home | Main Index | Thread Index | Old Index