SSL password on apache2 restart

Solution 1:

To make apache receive the passphrase everytime it restarts, add this to the httpd.conf:

SSLPassPhraseDialog exec:/path/to/passphrase-file

in your passphrase-file:

#!/bin/sh
echo "passphrase"

and make the passphrase-file executable:

chmod +x passphrase-file

Solution 2:

You need to remove encryption from your private key file like this:

openssl rsa -in server.key -out server.key.new

mv server.key.new server.key

Make sure the new key file is only readable by root - otherwise anyone with shell access to this server will be able to grab the private key and impersonate your server.

To make the key readable only by root, do 'chmod 600 server.key.new' before swapping keys.

Tags:

Ssl

Apache 2.2