Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use neverbleed #520

Merged
merged 3 commits into from Sep 23, 2015
Merged

use neverbleed #520

merged 3 commits into from Sep 23, 2015

Conversation

kazuho
Copy link
Member

@kazuho kazuho commented Sep 23, 2015

Neverbleed is an OpenSSL engine that runs RSA private key operations in an isolated process, thereby minimizing the risk of private key leak in case of vulnerability such as Heartbleed.
https://github.com/h2o/neverbleed

@kazuho kazuho added this to the v1.5 milestone Sep 23, 2015
@kazuho kazuho mentioned this pull request Sep 23, 2015
Closed
3 tasks
kazuho added a commit that referenced this pull request Sep 23, 2015
@kazuho
Merge pull request #520 from h2o/kazuho/neverbleed
dab9e8b 
use neverbleed
@kazuho kazuho merged commit dab9e8b into master Sep 23, 2015
@kazuho
Copy link
Member Author

kazuho commented Sep 23, 2015

FWIW the feature is off by default (for the time being).

kazuho added a commit that referenced this pull request Sep 23, 2015
@kazuho
Merge branch 'kazuho/neverbleed' (amends #520)
6a3707c
kazuho added a commit that referenced this pull request Sep 24, 2015
@kazuho
Merge branch 'kazuho/neverbleed-change-socket-owner-on-setuid' (amends
4987991 
…#520)
@HLFH
Copy link
Contributor

HLFH commented Sep 26, 2015

Hi @kazuho. Is there a way to set the feature Neverbleed ON?

Thanks in advance,

@kazuho
Copy link
Member Author

kazuho commented Sep 26, 2015

@HLFH You can enable the feature by setting the neverbleed attribute of ssl directive to ON. Please note that we may change how it is enabled / disabled.

listen:
  port: 443
  ssl:
    certificate-file: /path/to/certificate
    key-file: /path/to/private-key
    neverbleed: ON

kazuho added a commit that referenced this pull request Sep 26, 2015
@kazuho
add doc for neverbleed property #520
1a95d05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement networking
Projects
None yet
Milestone
v1.5
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@kazuho @HLFH