I recently just setup a new SSL Certificate on marcqualie.com and ran into a little glitch that wasn't explained in the setup process, but luckily I already knew how to fix as I've installed these many times before. When you generate the .key file you must put a password on it, which is a good idea, but impractical for use on an Apache server. All goes well until your restart, during which is asks for the password before the server can start. This is a huge problem, especially if your server crashes, or restarts and there's no one around to type in the password, your entire site will be down because the Apache process will be locked up waiting for this password. Luckily there is a simple workaround. Make sure you backup your original key first, just in case!
cp server.key server.pass.key
openssl rsa -in server.pass.key -out server.key

It really is as simple as that. Next time you restart Apache you won't be prompted for the password. Hope this helped someone out. Keep checking back for new snippets, or feel free to ask me for help.


Posted 03 Aug 2011 by Marc Qualie