How to Remove Pass Phrase From Private Key

After configuring SSL in httpd service, we can restart httpd.

[root@w01 ~]# service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd: Apache/2.2.26 mod_ssl/2.2.26 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.example.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.
                                                           [  OK  ]

It could become annoying to enter the pass phrase every time restarting httpd service. Therefore, we would like to remove the pass phrase from the private key.

[root@w01 ~]# openssl rsa -in /etc/pki/tls/private/www.example.com.key -out /etc/pki/tls/private/www.example.com.key
Enter pass phrase for /etc/pki/tls/private/www.example.com.key:
writing RSA key

You can notice that I made the output file as same as the input file. That is, I replace the private key with a non-encrypted one. Let's restart httpd again.

[root@w01 ~]# service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

The service can keep going without prompting.

Leave a Reply

Your email address will not be published. Required fields are marked *