iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Planning the iTP Secure WebServer PATHMON
Environment
iTP Secure WebServer System Administrator’s Guide—522659-001
3-8
Protecting Core Dumps
The iTP Secure WebServer installation requires the server password to be eight
characters or longer. In addition, the keyadmin utility also requires passwords to be
either mixed case or all uppercase.
If your password is stored in the configuration file or another file, protect that file at
least as carefully as you would the key database file itself. Consider file protection,
backups, network access, physical access, and so on (as described in Protecting the Key
Database File above).
Protecting Core Dumps
Any server can fail and dump core, and core dumps of the iTP Secure WebServer can
contain keys and the server password.
You must protect core files as carefully as the key database file and server password
files. Consider who has physical access to them, whether the files can end up on a
backup tape, what their file protections are, and so on. If you transmit a core file for
analysis, physically or electronically, consider the safety of the transmission mechanism.
Protecting Transmission of Key Database Files and Core Dumps
If you must transmit a key database file and/or a core dump over the public network—
for example, to Compaq support services for help with troubleshooting— make sure the
transmission mechanism is appropriate for your security requirements.
Compaq support requests that all key database files, core files, and configuration files
that contain passwords be sent encrypted in some form.