[brlug-general] Where do you put your SSL files?

[-ray]

True, but if it's in Apache memory, the key is still online.  As far as I 
know Apache doesn't do any in-memory key protection, so an intruder could 
just dump Apache memory and the key should be in there clear text.

A more common practice is to put a passphrase on the private key.  This is 
pretty inconvenient as you have to type in the passphrase at every apache 
restart.  And if an intruder can read your filesystem protected key file, 
then the server is probably compromised anyway (see 1st paragraph).

If Apache did some kind of memory protection on the key, then some of the 
protection techniques we've been discussing might be feasible.  Otherwise 
they're probably just obfuscation.

ray


On Wed, 28 Nov 2007, Tim Fournet wrote:

> Actually, you only need the private key when _starting_ apache. After
> it's started, it's loaded in memory and you can take your key offline.
> Some people go through the trouble of protecting their keys by doing
> things like only having the volume with the private keys mounted during
> a startup process, then making the server unable to reach them
> afterwards. One option would be to keep the keys on a USB drive, and
> removing that drive after apache starts. Or maybe create a modified
> filesystem driver that only works if `uptime` is less than a certain
> amount, and format your ssl-key partition with that filesystem