httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dan <>
Subject Re: [users@httpd] Apache -Modssl with startup Pass Phase password
Date Fri, 18 Feb 2005 00:39:40 GMT
Kory Wheatley wrote:
> I assume this goes in the httpd.conf  file, like this
> SLPassPhraseDialog exec:/opt/
> How can I remove the -des3 key  from the private key.
> I appreciate your response, thanks.
> On Thu, 17 Feb 2005 16:42:29 -0700, dan <> wrote:
>>Kory Wheatley wrote:
>>>I've currently configured an Apache ssl production server with
>>>Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7e.
>>>When I start the  Apache secure server up it
>>>asks for the pass phrase password, is there a way to automate this,
>>>its a pain when I restart our workstation to have to manually start
>>>the apache server, when I would like it to automatically startup when
>>>we reboot.  I'm hoping I don't have to configure the server
>>>certificate over again.
>>Be really careful with how you handle this, but you can use, for starters:
>>SLPassPhraseDialog exec:your_password_program
>>where your_password_program is a shell script that echo's the password.
>>  You could even integrate sudo into that script so that you can limit
>>who can run that script, at what time, how often, etc etc.
>>However, that clearly being the less safe option, here's another.  Don't
>>use the -des3 key generation argument, then you will no longer be
>>prompted to enter in a passphrase.
>>Hope that helps

Please bottom-post.  It just makes it easier to read the message :)

To remove the -des3 key, you would need to re-generate the certificate, 
which is why I suggested it last.

SSLPassPhraseDialog exec:/what/ev/er goes into, presumably, a 
VirtualHost container wherever the rest of your SSL options are located.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message