ACDB  Log In Search
Light/Dark Theme
Site Map
SSL Enabled and BEAST Resistant Jan 25, 2012 | Rei
Adding SSL to Anime Characters Database was no small feat.

First, needed to grab the latest copy of lighttpd.

After configuring it, compiling it installing it, updating my root Jail script to launch it, writing a new configuration file, generating a SSL perm file, generating some Diffie-Hellman and Elliptic-Curve Diffie-Hellman parameters installing, creating log files, altering permissions, modifying firewall rules...

The new server failed to start.

Damn thing was looking for shared libraries in the wrong path.

So I changed the configuration prefix, installed it in / then copied and pasted that into the chroot and it started fine ~

Next step was getting the right mod_redirect rules.

SSL is a bench. Always complaining. Always giving scary warnings. I swear the industry that reaps money off of "trusting" certificates has everything to do with this.

Self signed a cert and limited the server to all other domains with redirect out.

Last but important, I reniced the lighttpd process to 20.

So even if a new SSL BEAST like hack happens, I wont care.

Also SSL is CPU intensive, so I also don't care.

nice 20 = lowest of low priority. If there's any CPU left, it'll run. The moment something else wants to run, it gets stopped. ^_^

Go Top

Anime Characters Database Logo Links


This site uses cookies for analytics, personalized content and ads. By continuing to browse this site, you agree to this use. Learn more [close]

Who Board | New Thread

04:11 am
Who is this ?

Buy Me a Coffee at

Increase your fun by becoming a member today! Login | Register

10 fun things to do on ACDB

Advertise - Ko-fi - Share - Mascot - Contact - Discord - API - Wiki - Site Map - Change Log - アニキャラベー - The Nature DB - Twitter - Instagram - Privacy Policy - Rules
All images are copyright of their respective owners. Copyright © Goral Software

Rendered in 10 ms. R-6-W-3-M-3000.54 KB