Solved

Apache w/ Mod_SSL and password protected keys.

Posted on 2004-04-05
2
326 Views
Last Modified: 2010-03-04
I recently renewed my SSL keys and was prompted to put a password on them when generating the certificate request (I think it was at that point).

Anyway, every time I start up my apache, it makes me put in that password before apache will start up.

eg:

     # /usr/local/apache/bin/apachectl startssl
     Apache/1.3.29 mod_ssl/2.8.16 (Pass Phrase Dialog)
     Some of your private key files are encrypted for security reasons.
     In order to read them you have to provide us with the pass phrases.

     Server xxx.xxx.com:443 (RSA)

This is a problem, since when I reboot my server, apache will not start up until I go in via ssh and manually restart it and manually type in the password.

Is there a way to automate this process so that when I reboot my server, my apache WILL automatically start up without my intervention (typing in that password)?

Here's the setup of my apache from server-status:  
Apache/1.3.29 (Unix) PHP/4.3.4 mod_ssl/2.8.16 OpenSSL/0.9.7c
I'm on FreeBSD 4.9 STABLE

Thanks.
0
Comment
Question by:jcoman777
2 Comments
 
LVL 1

Author Comment

by:jcoman777
ID: 10777330
To get rid of the pass-phrase dialog at Apache startup time:
 
 Remove the encryption from the RSA private key (while preserving the original file):
   
 $ cp server.domain.tld.key server.domain.tld.key.orig
 $ openssl rsa -in server.domain.tld.key.orig -out server.domain.tld.key
 Enter PEM pass phrase: YOUR_PASSWORD_HERE
 
 Make sure the server.key file is now only readable by root:  
 
 $ chmod 400 server.domain.tld.key  
0
 
LVL 2

Accepted Solution

by:
Lunchy earned 0 total points
ID: 10778845
Closed, 250 points refunded.
Lunchy
Friendly Neighbourhood Community Support Admin
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IBM HTTP Server Log rotation 5 172
Server specifications for web hosting 7 93
setup wamp server for first time 2 83
AWS EC2 HTTP & HTTPS 2 45
In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question