Restart webserver without entering a password? [duplicate]
See Warner's Answer to almost the exact same question a day or two ago.
Answering each question in turn:
1) Is there a way to automatically provide the PEM pass phrase when the webserver is restarted?
Apache has the SSLPassPhraseDialog to automatically answer the SSL pass phrase question.
2) do I have to get the SSL certificate re-issued using a key where the pass phrase has been removed?
The pass prase can be removed from the key without needing to get the certificate re-issued. The key is your secret and you can do anything you want with it including making it unsecure:
> cp server.key server.key.org
> openssl rsa -in server.key.org -out server.key
[enter the passphrase]
3) If I remove the pass phrase, what are the security implications? Is it anything to worry about?
Yes, if the private key is no longer encrypted, it is critical that this file only be readable by the root user. If your system is ever compromised and a third party obtains your unencrypted private key, the corresponding certificate will need to be revoked immediately or the attack could put up a website pretending to be yours.