View Single Post
Old 21st August 2006, 19:44
jarkand jarkand is offline
Junior Member
Join Date: Aug 2006
Location: Germany (the very south)
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via AIM to jarkand

OK, I found one solution but I'm not very happy with it because it reduces the cert security level.

To get rid of the pass phrase request, simply create a new key without the -des3 (or what ever you've chosen) option.

Here's a very short (I'm sure you'll find these information 1 billion times on the net much better described than here) how to Apache-SSL / Apache ModSSL key and CSR Generation without pass phrase instructions:

1. Generate the private key
openssl genrsa –out 1024
insted of: openssl genrsa –des3 1024
2. Generate the CSR
openssl req –new –key –out
3. Request the CRT from a CA Unit or create your own one.

4. Edit Apache's conf and restart.

Apache will never again ask you to enter the pass for your privat key and you don't have to worry about cron jobs that require to restart Apache.

WARNING: Use this way only if you absolutely trust the server, and you make sure the permissions are carefully set!
Ohh, btw, any commends STILL appreciated...
Reply With Quote