Removing the pass-phrase window displayed during Apache startup

The RSA private key inside the server.key file is stored in encrypted format for security reasons. The pass-phrase window is displayed at startup and every restart because the pass-phrase is required to decrypt the RSA private key so that it can be read and parsed. You should be aware that removing the pass-phrase removes a layer of security from your server.

To remove the pass-phrase window displayed during Apache startup:

  1. Remove the encryption from the RSA private key, keeping a backup copy of the original file:

    $ cp server.key server.key.org
    $ openssl rsa -in server.key.org -out server.key

  2. Ensure that the server.key file is readable only by root:

    $ chmod 400 server.key

Now server.key contains an unencrypted copy of the key. Directing your server to the server.key file removes the prompt for the pass-phrase.
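
To confirm the result of the two steps above, the following script (an added example, not part of the original page) checks that a key file is no longer encrypted, has no group or other permission bits, and is owned by the expected user. The function names are hypothetical, and the owner is given as a numeric UID that defaults to 0 (root).

```shell
#!/bin/sh
# Added example (not from the original page): audit a PEM private key file
# after the pass-phrase has been removed. Function names are hypothetical.

# Exit 0 if the key is still pass-phrase protected. Traditional OpenSSL PEM
# carries a "Proc-Type: 4,ENCRYPTED" header; PKCS#8 uses its own armor line.
key_is_encrypted() {
    grep -Eq -e '^Proc-Type: 4,ENCRYPTED|^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"
}

# Exit 0 if group and other have no permission bits (e.g. mode 400 or 600).
key_perms_tight() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Exit 0 if the file's numeric owner equals UID (default 0, i.e. root).
key_owned_by() {
    [ "$(ls -ldn "$1" | awk '{print $3}')" = "${2:-0}" ]
}

# audit_key FILE [UID]: print one line per finding, return the finding count.
audit_key() {
    findings=0
    if [ ! -f "$1" ]; then
        echo "$1: not a regular file"; return 1
    fi
    if key_is_encrypted "$1"; then
        echo "$1: still encrypted, Apache will prompt at startup"
        findings=$((findings + 1))
    fi
    if ! key_perms_tight "$1"; then
        echo "$1: group/other permission bits set, expected chmod 400"
        findings=$((findings + 1))
    fi
    if ! key_owned_by "$1" "${2:-0}"; then
        echo "$1: not owned by uid ${2:-0}"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Stand-alone use: sh audit_key.sh /path/to/server.key
for f in "$@"; do audit_key "$f"; done
```

Run it as root so the key can be read; an exit status of 0 means no findings.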

Warning

If anyone obtains this key, they are able to impersonate you on the Internet. Therefore, it is very important that you ensure that the permissions on this file are such that only root or the Web server user can read it. (It is recommended that you start the Web server as root but run it as another user, and have the key readable only by root.)
As an alternative approach, you can use the 'SSLPassPhraseDialog exec:/path/to/program' facility. But remember that this is neither more nor less secure.
