Press "Enter" to skip to content

Remove password from SSL Certificate

To remove the password or passphrase from your SSL certificate so that Apache will restart without hanging waiting for you to enter the password/passphrase,

In a couple of simple steps, but the first and most important

Make a backup copy of your key!!!
Actually make a couple and store them somewhere safe!

Then strip the key out with:
/usr/bin/openssl rsa -in /path/to/server.key -out /path/to/newservernopass.key
(you may need to adjust the path to openssl for your server)

Copy the newservernopass.key file over your server.key file and restart apache, if all goes well, apache will just start up without prompting for the passphrase.

NOTE: Be sure permissions on your SSL key file are only as permissive as needed (for example apache:apache 400) without a passphrase the key *could* be used on another server that you did not intend if it was leaked out. So keep it secure!