[CentOS] Apache SSL key pass phrase question

Michael A. Peters mpeters at mac.com
Fri Apr 3 20:14:02 UTC 2009


I just set up a secure server.

Followed the godaddy instructions for key generation/installation - and 
the server wanted my pass phrase to start.

When I started developing I followed instructions for a self signed cert 
and everything went dandy.

Anyway - after a little googling and an uneasy feeling that I messed up 
and godaddy might charge me a fee to resubmit for a new cert, I found 
the following solution -

openssl rsa -in secure.shastaherps.key.old -out secure.shastaherps.key

After running that and entering my pass phrase, no pass phrase is 
required to start the server and it seems like the browsers don't 
complain, so I think I'm set, but I thought I'd verify that all really 
is well and that doing that isn't going to cause any issues.

If I understand it correctly, the phrase was needed when Apache starts 
in order to decrypt the key, and all I did above was decrypt the key so 
that apache doesn't have to, correct?


More information about the CentOS mailing list