How to set PEM Pass Phrase for HTTPS server
1,095 views
Skip to first unread message
Barco
May 17, 2012, 9:47:20 AM5/17/12
to moch...@googlegroups.com
Dear All,
I want to setup a https server with mochiweb. First of all I need to use openssl to generate certificate and private key files, and when I generate these file I need to input a Pem pass phrase, so I hope to know how can I set this passphrase in mochiweb ssl_opts. Otherwise the https request will fail with ekeyfile error.
Thank you!
I want to setup a https server with mochiweb. First of all I need to use openssl to generate certificate and private key files, and when I generate these file I need to input a Pem pass phrase, so I hope to know how can I set this passphrase in mochiweb ssl_opts. Otherwise the https request will fail with ekeyfile error.
Thank you!
Bob Ippolito
May 17, 2012, 12:15:19 PM5/17/12
to moch...@googlegroups.com
On Thu, May 17, 2012 at 6:47 AM, Barco <barc...@bestv-intl.com> wrote:
Dear All,
I want to setup a https server with mochiweb. First of all I need to use openssl to generate certificate and private key files, and when I generate these file I need to input a Pem pass phrase, so I hope to know how can I set this passphrase in mochiweb ssl_opts. Otherwise the https request will fail with ekeyfile error.
You don't actually need to put a passphrase on it, I believe you just press return when it asks you for one. You can also remove the passphrase from a certificate after you've generated it.
# remove passphrase from key.pem and save in newkey.pem
openssl rsa -in key.pem -out newkey.pem
Anyway, looks like the option is {password, string()}
Barco
May 17, 2012, 10:49:04 PM5/17/12
to moch...@googlegroups.com
Thank you Bob.
I use this command to generate key and certificate, but I have to type pass phrase in prompt otherwise openssl will error and quit.
openssl req -new -x509 -newkey -days 365 -keyout server.key -out server.crt
I use this command to generate key and certificate, but I have to type pass phrase in prompt otherwise openssl will error and quit.
openssl req -new -x509 -newkey -days 365 -keyout server.key -out server.crt
Barco
May 17, 2012, 11:05:55 PM5/17/12
to moch...@googlegroups.com
And I think Mochiweb should have a tutorial about how to setup a https server, including how to generate the certificate and key files, rather than just putting a example with the files already generated there without practical meaning.1
On Friday, May 18, 2012 12:15:19 AM UTC+8, Bob Ippolito wrote:
On Friday, May 18, 2012 12:15:19 AM UTC+8, Bob Ippolito wrote:
Bob Ippolito
May 17, 2012, 11:28:34 PM5/17/12
to moch...@googlegroups.com
Realistically, if SSL is important to you, I would recommend another web server. We always did SSL termination at the load balancer, so that's not the most exercised code. You should take a look at cowboy or yaws, I've used SSL in cowboy and it seems to work fine. Documentation isn't much better, but it's a more modern API that takes advantage of the binary features in newer versions of Erlang.
--
You received this message because you are subscribed to the Google Groups "MochiWeb" group.
To view this discussion on the web visit https://groups.google.com/d/msg/mochiweb/-/kct_fBooLtwJ.
To post to this group, send email to moch...@googlegroups.com.
To unsubscribe from this group, send email to mochiweb+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/mochiweb?hl=en.
Barco You
May 17, 2012, 11:30:11 PM5/17/12
to moch...@googlegroups.com
Hi Bob.
Thank you for very much!--
------------------
Best regards,
Barco
Thank you for very much!
------------------
Best regards,
Barco
Reply all
Reply to author
Forward
0 new messages