|
|
|
|
|
|
by ollierattue
5509 days ago
|
|
|
Hey hopeless, thanks for your thoughtful comment. There isn't any solution to the pass phrase apache issue. If you forgot / lose it you need to: a. Remember / find it b. Buy a new certificate. You can create private keys without pass phrases, but this is less secure. It's interesting to hear that you think SSL certificate expiry is a common problem. As you say notification could be setup in Google Calendar, but we just tend to overlook things like this. However I wonder whether a for sale web app could be justified on this single simple feature... As for trust, it is a real issue. Trust and security are two different things. The security could be fine, but if there is a belief (rightly or wrongly) that it isn't safe then there will be a problem selling a product or service. From my understanding the certificate is sent from the server to the visitor's browser when they connect, so I don't see storing them in an online service as a security risk. However I need to research the security implications of storing the private key and pass phrase. Any advice or info here would be greatly appreciated. |
|
|