Thank you for your answer. I agree with you on all points concerning if it would or not improve the security. Francis Daly Wrote: ------------------------------------------------------- > On Wed, Nov 18, 2015 at 04:34:20AM -0500, lakarjail wrote: > I don't see how your system security is enhanced, if you do anything > other than manually type in the password each time it is neededby lakarjail - Nginx Mailing List - English
Thank you for your answer. Could you please describe technically the "protected vault" for Debian you have in mind as a solution? If I understand you well, there is no simple solution in debian as we can have with Apache2 and its mod_ssl function 'SSLPassPhraseDialog'? That is quite surprising from Nginx/Debian support. itpp2012 Wrote: ------------------------------------------by lakarjail - Nginx Mailing List - English
I see your point there. Thank you for the link. It made me wondering why "SSLPassPhraseDialog" from Apache was not as well added on Nginx. Indeed, I am looking for a solution that wouldn't decrease the global security of my system. I can not consider leaving the password of a PEM key in cleartext like "ssl_password_file" solution proposed by Nginx, nor to remove the passwordby lakarjail - Nginx Mailing List - English
== CONTEXT == nginx version: nginx/1.6.2 Linux - 2.6.32-042stab111.11 #1 SMP Tue Sep 1 18:19:12 MSK 2015 x86_64 GNU/Linux While starting/restarting nginx with "service nginx start", no password is asked on the terminal and nginx fails to start. By checking journalctl, I receive the following error : --- nov. 17 ... systemd[1]: Failed to reset devices.list on /system.slice/nby lakarjail - Nginx Mailing List - English