Apache boot without asking for passwd
The reason it's asking for the password is to protect your SSL certificate - in case your server gets cracked, the cracker can get access to both your certificate and the key to it. But as long as a password is required in order to use the key, the intruder won't be able to use it.
If you are convinced that your server is secure enough that there's no way an cracker can get at it, you can remove the passphrase from the key - though I really really don't recommend it!
The way to remove the passphrase is to first make a backup copy of the key. Then run the command
openssl rsa -in backupcopy.key -out keyname.key
You will be prompted for the password, and then openssl will write out a key that doesn't require a password. But again, that is really unsafe.
Related videos on Youtube
ingh.am
Updated on September 18, 2022Comments
-
ingh.am over 1 year
So I'm maintaining a server which has a verified SSL certificate setup, however there is a password on the private key and so whenever apache is reboot, we get a message asking for the password. This isn't a major issue, but becomes one when you reboot the machine! When this happens, it will hang at apache startup (I can tell by viewing the syslog through AWS) and then the machine doesn't run sshd and so I cannot access the server any more!
Is there a way to setup apache to use this key without asking for the password? I think one option would be to reissue the SSL certificate but this time not using a password, but then is that unsafe?
-
Admin over 11 yearsapparently
expect
can be used in this case: prongs.org/linux/apache/node23.html
-
-
ingh.am over 11 yearsHey I just found this command online. The server is locked down on AWS quite well, but I guess that is probably not enough. I think the only other thing I could do is somehow make sure apache is the last thing to be started at boot. I'm not too bothered about the passwd, it's the lack of access on reboot at the moment that is the problem!
-
Jenny D over 11 yearsIn that case I'd just disable apache from starting at boot entirely, and start it manually once the server is up.
-
ingh.am over 11 yearsFair point, I'll set that up ;)