From: Harihar Krishnan (harik@bma.gov.bh)
Date: Sun May 18 2003 - 02:10:06 EDT
> Thanks, gentlemen. I recd. some solutions (looks like no
> straight-forward solution exists) as follows (thanks to Kai Lanz, Chris
> Adams, Mike Caplin, A. Gutierrez & Dr. Thomas P. Blinn):
>
> 1. Use the dialog option to provide the passphrase
> automatically. In your apache-ssl httpd.conf file, comment out the
> "SSLPassPhraseDialog builtin" line and replace it with something like
>
> SSLPassPhraseDialog exec:/path/to/apache-ssl/sbin/pp
>
> where "pp" is an executable shell script that just echoes
> the passphrase. This is insecure because now you have a file on your
> system containing your passphrase in plaintext.
>
> A little poking around probably revealed that most people
> use method 1.
>
> 2. Convert the certificate to a non-password cert, do:
>
> openssl rsa -in server.key-with_pass -out
> server.key-no_pass
>
> where server.key is your private key.
>
> 4. Start it from an "expect" script; while "expect" is not
> part of the standard base Tru64 UNIX package, it may be included in the
> open source software CD and certainly can be had from one or more of the
> open source web repositories.
>
>
> Harihar K
> **************************************************************************
> ******************************
> -----Original Message-----
> >
> > Dear Experts,
> >
> > We have a situation where our Web Server starts
> > up in SSL
> > mode using the command "apachectl startssl". This command
> > needs a password
> > to be passed on everytime the Web Server is started. We are
> > currently trying
> > to automate this so that when the machine is booted up, the
> > web server also
> > starts up without explicitly asking for the password. But
> > we are lost on how
> > to pass the password to the above command in our startup script. Any
> > suggestions please. Thanks.
> >
> > Harihar K
> >
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:49:19 EDT