[stunnel-users] No way to keep the key encrypted?
Hans Werner Strube
strube at physik3.gwdg.de
Wed Nov 15 17:32:23 CET 2006
Michal Trojnara wrote:
> Obviously private key encryption should not be used in inetd mode. It
> works fine in daemon mode and on Win32 platform.
Yes, but only when stunnel is started manually. When started automatically
on system boot, there is usually nobody present to enter the password of
the encrypted private key (except when the key is stored somewhere and
its input provided by some script or program - again a security hole).
This is not a special problem of stunnel but of all SSL-using servers.
More information about the stunnel-users