[Fedora-directory-users] boot time startup requires password

Rich Megginson rmeggins at redhat.com
Fri Jul 8 15:43:14 UTC 2005


Kevin Myer wrote:

> http://www.redhat.com/docs/manuals/dir-server/ag/intro.htm#39523
>
> NB:  you trade the ease of startup with a security risk, in that your 
> keyphrase
> is stored in a file cleartext.

Right.  Very secure environments invest in hardware crypto 
devices/dongles that provide this functionality without giving up the 
security.

>
> Kevin
>
> Quoting Brian Jones <bkjones at gmail.com>:
>
>> Hi all.
>>
>> I hit a snag yesterday when I rebooted my directory server box
>> (running RHEL 4). The problem is that I'm using SSL/TLS, and that
>> means that every time I restart the directory server I have to provide
>> the password for the certificate database. Now, I *know* that this
>> would never stand in a large production environment, so I can only
>> imagine that I missed some essential piece of documentation on how I
>> can use SSL/TLS, but not be forced to provide a password every time
>> the server starts.
>>
>> Could someone provide a link to the doc that addresses this, or does
>> someone have some clue they could provide for my feeble brain?
>>
>> Thanks.
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20050708/4fd52f45/attachment.bin>


More information about the Fedora-directory-users mailing list