Ask a Question

Advanced Search

Solution ID : SO307

Last Modified : 05/02/2018

Remove passphrase requirement on private key for Apache-SSL


Is it possible to change my private key not to have a passphrase?


It is possible to create an unencrypted copy of the key using this command: 
openssl rsa -in file1.key -out file2.key
Where file1.key contains the current encrypted key and file2.key will contain your unencrypted key.

If you now point your server at this key file, it will not prompt you for a passphrase.

If anyone gets the unencrypted key, they will be able to impersonate you (keys create your identifying digital signature).
Please make sure the permissions on that file allow only "root" or "web server user" to read it. Preferably start your web server as root, but run as another server, and have the key readable only by root.