Apache boot without asking for passwd

security password apache-httpd ssl reboot
5,516

The reason it's asking for the password is to protect your SSL certificate - in case your server gets cracked, the cracker can get access to both your certificate and the key to it. But as long as a password is required in order to use the key, the intruder won't be able to use it.

If you are convinced that your server is secure enough that there's no way an cracker can get at it, you can remove the passphrase from the key - though I really really don't recommend it!

The way to remove the passphrase is to first make a backup copy of the key. Then run the command

openssl rsa -in backupcopy.key -out keyname.key

You will be prompted for the password, and then openssl will write out a key that doesn't require a password. But again, that is really unsafe.

Share:
5,516

Related videos on Youtube

ingh.am
Author by

ingh.am

Updated on September 18, 2022

Comments

  • ingh.am
    ingh.am over 1 year

    So I'm maintaining a server which has a verified SSL certificate setup, however there is a password on the private key and so whenever apache is reboot, we get a message asking for the password. This isn't a major issue, but becomes one when you reboot the machine! When this happens, it will hang at apache startup (I can tell by viewing the syslog through AWS) and then the machine doesn't run sshd and so I cannot access the server any more!

    Is there a way to setup apache to use this key without asking for the password? I think one option would be to reissue the SSL certificate but this time not using a password, but then is that unsafe?

  • ingh.am
    ingh.am over 11 years
    Hey I just found this command online. The server is locked down on AWS quite well, but I guess that is probably not enough. I think the only other thing I could do is somehow make sure apache is the last thing to be started at boot. I'm not too bothered about the passwd, it's the lack of access on reboot at the moment that is the problem!
  • Jenny D
    Jenny D over 11 years
    In that case I'd just disable apache from starting at boot entirely, and start it manually once the server is up.
  • ingh.am
    ingh.am over 11 years
    Fair point, I'll set that up ;)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Node.js, simple TLS client/server
Error while creating self-signed SSL certificate
What does my installed .cer certificate not show in IIS?
WebLogic SSL: No identity key/certificate entry was found under alias in keystore
How do you get Maven to accept invalid SSL certificates?
ORACLE, UTL_HTTP and SSL
How can the SSL client validate the server's certificate?
What is the correct JBoss EAP 6.0.1 cipher-suite configuration for mitigation of Logjam / weakdh.org?
How to create a secure SSL connection between Android client and Java server?
Why do I get browser warnings on my new lets encrypt ssl setup?