SSL password on apache2 restart

apache-2.2 ssl

I setup wildcard SSL certificate from Godaddy on Apache2. Whenever the server restarts it asks for the passphrase for the SSL certificate's private key.

What's the best way to remove this obstacle to restarts, because when logfile rotation restart occurs in the middle of the night, the server doesn't come back up, and I get an unhappy client call in the morning, as it is a shared server.


Solution 1:

To make apache receive the passphrase everytime it restarts, add this to the httpd.conf:

SSLPassPhraseDialog exec:/path/to/passphrase-file

in your passphrase-file:

#!/bin/sh
echo "passphrase"

and make the passphrase-file executable:

chmod +x passphrase-file

Solution 2:

You need to remove encryption from your private key file like this:

openssl rsa -in server.key -out server.key.new

mv server.key.new server.key

Make sure the new key file is only readable by root - otherwise anyone with shell access to this server will be able to grab the private key and impersonate your server.

To make the key readable only by root, do 'chmod 600 server.key.new' before swapping keys.

Related

Sell partitioning to me
How to collect bounces in postfix
How should I setup separate MX records for a subdomain?
What does Silence do?
Unable to join online games of Among Us due to Parental Controls that were never set up?
Can I join Xbox players on PC in Stardew Valley?
Why is my character randomly looking up?
Where is Nancy's second outfit?
Minecraft 1.14.4 Horse Not Going Through Nether Portal
Is there any benefit gained from reading or collecting all the volumes of a book series?
Is it normal for PS3 controllers to constantly lose their charge?
How can I get... just a little bit higher?