We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Apache w/ Mod_SSL and password protected keys.

jcoman777
jcoman777 asked
on
Medium Priority
402 Views
Last Modified: 2010-03-04
I recently renewed my SSL keys and was prompted to put a password on them when generating the certificate request (I think it was at that point).

Anyway, every time I start up my apache, it makes me put in that password before apache will start up.

eg:

     # /usr/local/apache/bin/apachectl startssl
     Apache/1.3.29 mod_ssl/2.8.16 (Pass Phrase Dialog)
     Some of your private key files are encrypted for security reasons.
     In order to read them you have to provide us with the pass phrases.

     Server xxx.xxx.com:443 (RSA)

This is a problem, since when I reboot my server, apache will not start up until I go in via ssh and manually restart it and manually type in the password.

Is there a way to automate this process so that when I reboot my server, my apache WILL automatically start up without my intervention (typing in that password)?

Here's the setup of my apache from server-status:  
Apache/1.3.29 (Unix) PHP/4.3.4 mod_ssl/2.8.16 OpenSSL/0.9.7c
I'm on FreeBSD 4.9 STABLE

Thanks.
Comment
Watch Question

Author

Commented:
To get rid of the pass-phrase dialog at Apache startup time:
 
 Remove the encryption from the RSA private key (while preserving the original file):
   
 $ cp server.domain.tld.key server.domain.tld.key.orig
 $ openssl rsa -in server.domain.tld.key.orig -out server.domain.tld.key
 Enter PEM pass phrase: YOUR_PASSWORD_HERE
 
 Make sure the server.key file is now only readable by root:  
 
 $ chmod 400 server.domain.tld.key  
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.