[openssl-users] Regarding the security of the keys

James james.arivazhagan at gmail.com
Tue Jul 21 06:46:43 UTC 2015


Hi there,
I have a concern regarding the private keys we use in the https (say
apache) server.
The https server links with openssl.so file, and uses the APIs provided by
it.
If some one build their own openssl and add few lines to print the keys
during encrypt and decrypt and put in the library in the LD_LIBRARY_PATH,
may result in compromising the security of the keys.

Does any of you faced this problem and if you could share the solution it
would be helpful.

regards,
James Arivazhagan Ponnusamy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150721/5947b575/attachment.html>


More information about the openssl-users mailing list