Don't prompt for SSL Pass Phrase
Jon D. Slater
Jon.Slater at LPBroadband.Net
Fri Nov 11 20:06:57 UTC 2005
Alexander Dalloz wrote:
>Am Fr, den 11.11.2005 schrieb Jon D. Slater um 18:44:
>
>
>
>>>http://www.redhat.com/archives/fedora-list/2005-November/msg01104.html
>>>
>>>Paul.
>>>
>>>
>
>
>
>>Thanks Paul,
>>
>>Seems straight-forward enough, but it didn't work...
>>
>>I decrypted according to the instructions, then (to test) restarted
>>httpd and was again prompted for a "pass-phrase".
>>
>>What did I miss? (Not that there's a lot to miss in 2 lines of
>>instructions.)
>>
>>Jon
>>
>>
>
>I would have been good if you had posted what exactly you did. From what
>you wrote I assume you chose the alternate where one removes the
>passphrase from the RSA key. So, given your passphrase protected is
>
>/etc/httpd/conf/ssl.key/server.key
>
>you run following:
>
>1) cd /etc/httpd/conf/ssl.key
>2) mv server.key server-rsa.key
>3) openssl rsa -in server-rsa.key > server.key
>4) chmod 400 server.key
>5) chown root:root server.key
>6) service httpd restart
>
>Alexander
>
>
That's exactly what I did... (Just to remove any doubt, I actually
cut-n-pasted your commands.)
After step 6 I get:
> Stopping httpd: [ OK ]
> Starting httpd: Apache/2.0.54 mod_ssl/2.0.54 (Pass Phrase Dialog)
> Some of your private key files are encrypted for security reasons.
> In order to read them you have to provide the pass phrases.
>
> Server www.blahblahblah.com:443 (RSA)
> Enter pass phrase:
>
> OK: Pass Phrase Dialog successful.
> [ OK ]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20051111/2e63c759/attachment-0001.htm>
More information about the fedora-list
mailing list