Re: SSLContext and using password encrypted PEMs

Posted Mon, 24 Feb 2014 18:25:31 GMT in reply to Sönke Ludwig

On Mon, 24 Feb 2014 16:58:27 GMT, Sönke Ludwig wrote:

On Mon, 24 Feb 2014 16:38:02 GMT, Stephan Dilly wrote:

Through the discussion at the NG (http://forum.dlang.org/thread/le8d84$1gg0$1@digitalmars.com) I tried to use such a SSL Cert for my purposes but the force me to define a passphrase for the certificate and now when starting to listen on http using an SSLContext OpenSSL asks me for the passphrase on the stdin/out -.-

Is there any way to work around this or would it be necessary to implement s.th. new in vibe.d to support defining this using code ?

regards

You should be able to remove the passphrase using openssl rsa -in passphrased.pem -out decrypted.pem. I don't think it makes sense to implement something special in vibe.d to pass the password by other means than interactively, because that would just mean that in case of a compromised system, not only the key would be stolen, but also the password used to encrypt it (which might be used for other things if someone hasn't been careful enough).

I am such a ssl noob, thank you that works! Was wondering anyway why they expected me to do that