Re: Apache SSL certificates and passwords (64 Views)
Reply
Honored Contributor
Michael Tully
Posts: 7,905
Registered: ‎04-15-1999
Message 1 of 3 (64 Views)
Accepted Solution

Apache SSL certificates and passwords

Hi,

I have apache SSL on one of my servers that already has an SSL certificate. During the system start-up, I have a script that automatically starts the apache 'httpsd' processes, but waits and asks for the password for the certificate to entered. How can I automatically get the password entered without any sort of manual intervention. Here is the startup script. Because the system is supposed
to be secure, I would also like the password to
be encrypted.

##################################
# Start the Apache server

$APACHEALM_BIN/httpsdctl start

##################################

Unfortunately we have a policy here where systems are re-booted every week (dont' ask why!)

Any help will no doubt earn you points!

Cheers
~Michael~

Anyone for a Mutiny ?
Honored Contributor
Steven Sim Kok Leong
Posts: 2,376
Registered: ‎09-04-1997
Message 2 of 3 (64 Views)

Re: Apache SSL certificates and passwords

Hi Michael,

Below is just my 2 cents of personal opinion.

The only person who can read the password in an Expect script to startup the webserver should only be root. Given the correct permission settings, I would reason the following:

1) On protecting the password:

If someone compromises the root account, then he could gain access to the encrypted password and run crack on it.

2) On protecting the SSL traffic:

Okay, let's say the intruder was unable to crack the password. However, because he is already root, nothing is preventing him from reading the clear-text traffic already decoded at the webserver? Example, what's preventing him from reading the userid/passwd in passwd.cgi?

3) On anti-spoof protection:

Let's say there was no password to the certificate and the intruder (after compromising root) copies the certificate to another server in order to try spoofing your webserver. This will only work if the DNS server has been compromised in order to redirect traffic to his site. What are the chances of both the webserver and the DNS server being compromised together?

Thus, I personally believe that the additional security benefits of having a password for starting up the webserver over that without using a password is very minimal.

In addition, the additional benefits of having having an encrypted password over a cleartext one (when only root has access to the script) is again very marginal.

Thus, from a cost-benefit viewpoint, for ease of management and maintenance, the password is better off being cleartext embedded in the root-only accessible script or simply not having any password at all for the SSL certificate on the webserver.

In addition, why should the server be rebooted every week if nothing is wrong with it? If it is ain't broken, don't fix it. Each restart is a loss of revenue for unavailability.

Just my 2 cents. Regards.

Steven Sim Kok Leong
Email: steven@beepz.com. Homepage: https://www.beepz.com
Honored Contributor
Michael Tully
Posts: 7,905
Registered: ‎04-15-1999
Message 3 of 3 (64 Views)

Re: Apache SSL certificates and passwords

Hi Steven,

Thanks for the assistance. The unnecessary
rebooting of systems is a fact of life I
have to put up for now at least. I have
turned off the rebooting of this particular
server for the time being. I had already
raised the point of, if the system isn't
up people can't use it, place orders get
information, etc. What makes it worse is
that there are three seperate business
pillars of ours using it....

Thanks to your advice, I'm going to write
an expect script to do the whole lot.
The security problem, well the business
will just have to live with it. It has
the green tick from the auditors, so if
it gets hacked.... tough!

Thanks mate
Michael

Anyone for a Mutiny ?
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.