ssl

Steven Alligood steve at bluehost.com
Tue Mar 16 11:51:21 MDT 2010


On 03/16/2010 11:41 AM, Stuart Jansen wrote:
> On Tue, 2010-03-16 at 11:37 -0600, Merrill Oveson wrote:
>    
>> OK, thanks a million!
>>
>> Just a couple of other questions...
>>
>> Is there anything magic about where the key, csr and crt files are stored?
>> Does the website look for these files on my server (if so how or
>> where), or does it rely on godaddy.com?
>>      
> I'm going to be a jerk and refuse to answer until you trim your reply.
>
>    

And I will be nice, since I like long posts that don't force me to have 
to read all the previous ones.

the key, csr, and cert can be anywherethat the webserver can read and 
that the webserver is told to get the m from.

I would suggest they be somewhere the webserver can get them but otehr 
users on the box (or internet) cannot get them, especially the key.  If 
someone else gets the key, your entire security model is compromised and 
you should start all over generating a new key, getting a new cert, etc, 
since anyone with that key can claim to be you.

-Steve



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5515 bytes
Desc: S/MIME Cryptographic Signature
Url : http://plug.org/pipermail/plug/attachments/20100316/f9bbeb37/attachment-0001.bin 


More information about the PLUG mailing list