[freeside-users] Encryption
Ivan Kohler
ivan at sisd.com
Tue Apr 10 15:58:16 PDT 2007
On Fri, Mar 16, 2007 at 04:44:04PM -0600, Peter Bowen wrote:
> Steve,
>
> Wiki says....
>
> "5. Save and restart the web server - just in case."
>
> :) I just removed the "just in case."
>
> The public and private keys are stored in the same place as other
> configuration directives. You don't have to have them both an all machines.
> Just the public key is required. However, you won't be able to bill now or
> run a billing on a public only box.
>
> We have a cluster. Half of the cluster doesn't have access to the private
> key. Most employees do not have access to the boxes with the private key.
> The private key boxes have additional network protection as well.
Food for thought for the cluster scenario:
HEAD stores all configuration in the database now - at some point, we
probably need to treat the private keys in a special way and
store/retreive them in the filesystem explicitly.
--
_ivan
More information about the freeside-users
mailing list