[TriLUG] Removing password from SSL cert

jonc at nc.rr.com jonc at nc.rr.com
Fri Mar 21 21:02:52 EDT 2008

You don't need to remove the password. You can auto feed it the password on restart.
In SSL.conf:
  SSLPassPhraseDialog  exec:/etc/httpd/conf/ssl_startup_password

The file /etc/httpd/conf/ssl_startup_password:
  print "PASSWORD\n";

It's very simple, but it took me about 30 attempts to get that right :-)
(the documentation on it used to be abysmal)

Jon Carnes

---- Brian Henning <Brian.Henning at datadirect.com> wrote: 
> Hi Gang,
> Some time ago, I created a certificate for my web server, had it signed
> by CACert, and installed it.  Works great.  Only problem is, when I
> created it I gave it a password, which of course means Apache prompts
> for the password each time it starts up.
> This is of course not a problem if I am restarting apache intentionally.
> I just type it in and go.
> It is a problem if my server has to reboot for some other reason, for
> example a power outage that outlasts my UPS's battery.
> Is there a way to remove a password from a certificate, or do I just
> have to revoke the old one and create a new one with no password and get
> it signed, etc. etc. ?
> Thanks,
> ~Brian
> ----------------
> Brian A. Henning
>    DataDirect
> Support Engineer
>   888-332-6797
> ----------------
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/

More information about the TriLUG mailing list