If you have enable SSL on your Apache Server, you will notice that whenever your start Apache Server with "apachectl startssl" or "httpd startssl" it will ask you for your passphrase, the reason for this is that the RSA private key inside your server.key file is stored in encrypted format, the passphrase is needed to decrypt this file, so it can be read, however this is a pain specially when the server rebooted by itself and Apache didn't start on its own because you are required to enter a passphrase for it to start, this howto will show you how to remove the passphrase dialog, however to take note that removing the passphrase removes a layer of security from you server, now lets go and remove it :)
Step 1 - Remove the encryption from the RSA private key
$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key
Step 2 - Make sure the server.key file is only readable by root:
$ chmod 400 server.key
Now server.key contains an unencrypted copy of the key. If you point your server at this file, it will not prompt you for a passphrase, yay no more waking up in the middle of the night because no one knows the passphrase to teh Apache Server.
Step 1 - Remove the encryption from the RSA private key
$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key
Step 2 - Make sure the server.key file is only readable by root:
$ chmod 400 server.key
Now server.key contains an unencrypted copy of the key. If you point your server at this file, it will not prompt you for a passphrase, yay no more waking up in the middle of the night because no one knows the passphrase to teh Apache Server.
Tech Blog's Quick List of other how to below:
- 10 Steps | Remove Virus | Spyware Scanner Download | Free Software
- Easy Network troubleshooting | DNS Problem Guide
- Howto change DNS Server IP to OpenDNS
- Fix | COM Surrogate Error | Windows Vista
- 9 Easy Steps | Setting up a secured home wireless network
- Howto Permanently deleting files | data on your hard disk
- Full filesystem backup | ufsdump - For *nix
- Slow HD | 1080p Playback | troubleshooting | Fix
- Sendmail | Banner change | Disabling VRFY | EXPN
- iPod charging on DVD player w/o dock
- Apple Ipod Jailbreak - 1.1.4 firmware guide and Quickpwn
- Create iTunes Store account | Without Credit Card
- Optimize Windows XP | VIsta
- Hard Disk Recovery | Data Recovery | Test Disk
- Import Outlook PST to Gmail Howto
- Bypass Firewall | Proxy with SSH | Hamachi
- Permanently deleting files | data on your hard disk
- Hamachi VPN a quick guide
- Build your own IDS or IPS
- Download Video from YouTube to your computer
- Bandwidth Monitoring | Free software
2 comments:
this thing doesn't work
Yes it does, I used it on some of my own development server
Post a Comment