|PageViews: 578 hits / 28 nets|
The Passphrase will be used by SSL library for decryption of the private-key, which might be bundled in a file together with a certificate, like this for example:
Another passphrase is for getting encrypted configuration parameters specified as "+=conf.cdh". The passphrase to decrypt such data is given as the password of a special user named "config" in a special domain, as this:
The suffix ".cdh" means that the data is encrypted with "Credhy" algorithm. A file can be encrypted and decrypted with -Fcredhy as follows:
An encrypted configuration file can be used as follows:
When a configuration file is loaded from a remote server,
it is strongly recommended to use the encryption.
As shown in the examples, those special user names to hold passphrases are in the special domain "-dgauth@admin" [DGAuth]. The storage for passwords in DGAuth are encrypted with a passphrase, or MasterKey. It can be specified as this:
If the MasterKey is not specified with a CRYPT parameter for a DeleGate which requires it, then it will be asked interactively. When restarting DeleGate with "-r" or SIGHUP, or restarting in short time after termination, or possibly after rebooting the host machine, the MasterKey is automatically saved and reused without the interaction.