The SSL password dilemma when starting Apache

OS: Linux

Software: Apache 2.x

Dilemma: You have set a passphrase on the private key of your SSL certificate. When Apache starts, the default behaviour is to prompt for the passphrase interactively. This obviously has an impact on boot and on any automatic restart of Apache. If this doesn’t fit your model then there are 2 options:

1) Remove the passphrase from the private key. The next time Apache restarts it won’t request a password. To do this use the following command:

openssl rsa -in securesite.domain.net.uk.key -out securesite.domain.net.uk.nopass.key

Edit httpd-ssl.conf and make sure the following lines read as follows:

SSLPassPhraseDialog builtin

SSLCertificateKeyFile "/path/to/certificates/securesite.domain.net.uk.nopass.key"

2) Have Apache run an external program that supplies the passphrase.

Edit the httpd-ssl.conf:

SSLPassPhraseDialog exec:/path/to/ssl-passphrase

Create /path/to/ssl-passphrase using vi or your favourite editor, with the following contents:

#!/bin/sh
echo "passphrase"

 

Please be aware that neither of these methods is as secure as the interactive input.
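
The check below is an added example, not part of the original post. With either option a secret ends up in clear text on disk (the unencrypted key in option 1, the passphrase script in option 2), so file permissions become the only protection, and this audits them. It assumes Linux with GNU stat; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes Linux with GNU stat.
# Function names are hypothetical.

# Succeeds if FILE is a regular file (not a symlink) with no group/other bits.
perms_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    mode=$(stat -c '%a' "$1") || return 1
    case $mode in
        0|*00) return 0 ;;   # e.g. 400, 600, 700
        *)     return 1 ;;   # e.g. 644, 640, 755
    esac
}

# Succeeds if the PEM private key in FILE is passphrase-protected
# (traditional "Proc-Type" header or PKCS#8 "ENCRYPTED PRIVATE KEY").
key_encrypted() {
    grep -q -e '^Proc-Type: 4,ENCRYPTED' \
            -e '^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1" 2>/dev/null
}

# Prints one verdict for a key file or passphrase script.
# Returns 1 only for the dangerous case: clear-text secret readable by others.
audit_secret() {
    if perms_private "$1"; then p=private; else p=exposed; fi
    if key_encrypted "$1"; then e=encrypted; else e=plaintext; fi
    echo "$1: $e, $p"
    [ "$e" = encrypted ] || [ "$p" = private ]
}

# Constructed sample files (headers only, not real keys or passphrases).
d=$(mktemp -d)
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
    > "$d/site.key"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' > "$d/site.nopass.key"
printf '%s\n' '#!/bin/sh' 'echo "passphrase"' > "$d/ssl-passphrase"
chmod 644 "$d/site.key" "$d/site.nopass.key"
chmod 700 "$d/ssl-passphrase"
for f in "$d"/*; do
    audit_secret "$f" || echo "  -> restrict to owner: chmod go-rwx $f"
done
rm -rf "$d"
```

In the sample run only site.nopass.key is flagged: it is both unencrypted and mode 644.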