Friday, October 31, 2008

Get rid of Passphrase | Apache Server Startup

If you have enable SSL on your Apache Server, you will notice that whenever your start Apache Server with "apachectl startssl" or "httpd startssl" it will ask you for your passphrase, the reason for this is that the RSA private key inside your server.key file is stored in encrypted format, the passphrase is needed to decrypt this file, so it can be read, however this is a pain specially when the server rebooted by itself and Apache didn't start on its own because you are required to enter a passphrase for it to start, this howto will show you how to remove the passphrase dialog, however to take note that removing the passphrase removes a layer of security from you server, now lets go and remove it :)
Step 1 - Remove the encryption from the RSA private key

$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key

Step 2 - Make sure the server.key file is only readable by root:

$ chmod 400 server.key

Now server.key contains an unencrypted copy of the key. If you point your server at this file, it will not prompt you for a passphrase, yay no more waking up in the middle of the night because no one knows the passphrase to teh Apache Server.

Tech Blog's Quick List of other how to below:

2 comments:

Anonymous said...

this thing doesn't work

Genius24k said...

Yes it does, I used it on some of my own development server

For suggestion and concerns E-mail