Apache ssl passphrase automatic

 

Hello all,

 

hope you are having tough time remembering the pass phrase that you created for apache ssl creation. Well, not anymore. We can disable pass phrase prompt on every apache restart by regenerating the key file without a pass phrase.  This topic is made assuming that you already know the pass phrase.

 

[root@localhost.com ~]# /etc/init.d/httpd restart

Stopping httpd:                                            [OK]
Starting httpd: Apache/x.x.x mod_ssl/x.x.x (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server localhost.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.
                                                           [  OK  ]

 

Let’s overcome the above issue.

All we need is to regenerate the key file using our openssl command as shown below.

First let’s take a backup of the key file, for redundency.

[root@localhost.com]# cp -arp /etc/ssl/old.key /etc/ssl/old.key.bak

Now, we will generate the new pass phrase less key as mentioned below.

[root@localhost.com]#  openssl rsa -in /etc/ssl/old.key -out /etc/ssl/new.key
Enter pass phrase for /home/ssl/old.key:
writing RSA key
[root@localhost.com]# 

Now, let’s replace the old key with the newly created one and restart apache.

[root@localhost.com]# mv /etc/ssl/new.key /etc/ssl/old.key
[root@localhost.com]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
 

It should restart without prompting the pass phrase, if not you have missed something.

Reference: http://mnx.io/blog/removing-a-passphrase-from-an-ssl-key/

Thanks for viewing https://helpinlinux.com
 

Leave a Reply

Protected by WP Anti Spam