Configuring and Managing MPE/iX Internet Services (August 2002)
Chapter 9
HP WebWise MPE/iX Secure Web Server
Server Keys and Certificates
This is a fairly large and complicated topic. You are STRONGLY ENCOURAGED to read about it in detail in
the Mod_ssl Manual, Chapter 2 Introduction and Chapter 6 FAQ List. The manual is available at
http://www.modssl.org/docs/2.8/, and a copy comes with your HP WebWise MPE/iX Secure Web
Server (/APACHE/CURRENT/htmanual/mod/mod_ssl/ssl_intro.html and ssl_faq.html), accessible
from http://yourserver.yourdomain.com/manual/.
Secure web servers require a unique private key and a unique server certificate in order to establish secure
encrypted communication sessions. This software includes a default private key and server certificate so that
you can immediately start the server and begin testing. But because the supplied private key and server
certificate are not unique, they are NOT SECURE AND MUST NOT BE USED FOR PRODUCTION
PURPOSES!
You must generate your own private key and either obtain or create your own server certificate in order to be
secure. Keys and certificates contain extremely sensitive data and must be tightly controlled to prevent
unauthorized access.
Log on as MGR.APACHE
Before starting any key or certificate management you should first log on as MGR.APACHE and make sure that
all configuration files and directories are owned by MGR.APACHE:
1. :HELLO MGR.APACHE,PUB
2. :XEQ SH.HPBIN.SYS -L
3. $ export PATH=/APACHE/PUB/bin:$PATH
Create Your Private Server Key
Your private key is an EXTREMELY sensitive and confidential piece of information. Anybody who obtains
your private key will be able to impersonate you. If you should ever lose your private key or have it stolen,
your only recourse is to create a new private key and do a better job of protecting it.
Appropriate file system security is essential for the file which contains your private key. MGR.APACHE should
be the owner of the key file, and the owner is the only user that should have any kind of access. MGR.APACHE
should also be the owner of the directory in which the key file resides, and nobody besides the owner should
have access to the directory.
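The ownership and permission requirements above can be checked mechanically. The following is an added example, not part of the HP manual: a POSIX shell audit that fails if the key file or its directory is not owned by the expected user or grants any group or other access. The function names and the key file path in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example (not from the HP manual). Assumes a POSIX shell with
# ls, awk, cut and dirname. Function names are hypothetical.

# check_private PATH OWNER
# Returns 0 if PATH is owned by OWNER and has no group/other permission
# bits set; otherwise prints each finding and returns 1.
check_private() {
    cp_path=$1; cp_want=$2
    if [ ! -e "$cp_path" ]; then
        echo "MISSING: $cp_path"; return 1
    fi
    # ls -ld prints the mode string in field 1 and the owner in field 3.
    cp_line=$(ls -ld "$cp_path") || return 1
    cp_mode=$(printf '%s\n' "$cp_line" | awk '{print $1}')
    cp_owner=$(printf '%s\n' "$cp_line" | awk '{print $3}')
    # Characters 5-10 of the mode string are the group and other bits;
    # taking only those ignores any trailing ACL marker such as "+".
    cp_bits=$(printf '%s\n' "$cp_mode" | cut -c5-10)
    cp_rc=0
    if [ "$cp_owner" != "$cp_want" ]; then
        echo "OWNER: $cp_path owned by $cp_owner, expected $cp_want"; cp_rc=1
    fi
    if [ "$cp_bits" != "------" ]; then
        echo "MODE: $cp_path grants group/other access ($cp_mode)"; cp_rc=1
    fi
    return $cp_rc
}

# audit_key KEYFILE OWNER
# Checks both the key file and the directory that contains it, so a
# tight file inside a world-readable directory is still reported.
audit_key() {
    ak_file=$1; ak_want=$2
    ak_dir=$(dirname "$ak_file")
    ak_rc=0
    check_private "$ak_dir" "$ak_want" || ak_rc=1
    check_private "$ak_file" "$ak_want" || ak_rc=1
    return $ak_rc
}

# Usage (placeholder path; pass the owner name exactly as ls reports it):
#   audit_key /path/to/conf/ssl.key/your.key MGR.APACHE
```

A symbolic link is reported as a MODE finding because its own mode string shows access for everyone, so point the audit at the real file.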
For extra security, it is recommended that you encrypt your server key with a pass phrase that is stored
separately from the key. If you use a pass phrase, it must be supplied to the web server at start up
time, either by inserting it directly into the /APACHE/PUB/JHTTPD job stream after the command that invokes
HTTPD (caution: the pass phrase will be in plain text in the JHTTPD job stream, so you'll need to protect
the job stream too), or by writing a special script or program that HTTPD will invoke to obtain the pass
phrase. See the mod_ssl SSLPassPhraseDialog configuration directive documentation for details.
Key generation uses a random number generator that, in order to be portable, uses a rather simple random
seed consisting of the current time, process ID, and some memory buffer contents. To increase the
randomness of the initial random number, you should use the openssl -rand parameter to specify a file that
contains data that is possibly random but definitely unique to your machine. For example, because
machines have different patches applied at different times, /SYS/PUB/HPSWINFO might be suitable as a -rand
file containing unique data that will only exist on this one machine.
To create your private server key:
1. $ cd conf/ssl.key