Apache, SSL, and "Getting Rid of the Passphrase"

Removing the passphrase from your SSL key

Author: M Butcher
Date: 2008-07-14 13:04:55 -0400

When initially setting up Apache or another web server for SSL-encrypted HTTPS, one of the key steps is generating your public and private key files. This can be done several ways. The most common method (in the UNIX/Linux world, at least) is to use the OpenSSL program.

Once the key is generated and signed, it is then plugged into the server. In Apache, this is done by configuring mod_ssl.

But once the server is configured, many administrators are surprised to find Apache interrupting its boot-up process to ask for a passphrase.

Why does it do this?

The SSL key file is protected by a passphrase that you probably entered during the creation of the key file. When mod_ssl initializes, it needs to unlock that key file so that it can use it for decrypting data encrypted using the public key file.

Removing the Passphrase from an SSL Key File

To get rid of the passphrase prompt, what you need to do is remove the passphrase from the key. CAUTION: What you are essentially doing when you remove the passphrase is storing your key unprotected. You should therefore take precautions that this key does not get into the wrong hands. In fact, some servers (sendmail comes to mind) will not start up if they detect that the key's permissions are too weak.

Remove the key's passphrase? Isn't that a bad idea? Unfortunately, it seems to be a necessary step for configuring SSL/TLS-based servers, and you will have to do something similar for IMAP, SMTP, LDAP and other servers, too -- the problem does not just impact web servers.

The first thing to do when removing the passphrase from a key is to make a backup copy of the key. The OpenSSL tools can be a little complex to use, and you don't want to destroy your key file.

Removing the passphrase is simple, and is a task so common that it is shown in full in the OpenSSL man pages (though you have to have a pretty good idea as to how OpenSSL works before you can find the entry in the man pages).

Here's the command:

$ openssl rsa -in mykey.pem -out myclearkey.pem

What this does is use the openssl master program with the rsa tool to load the key (-in mykey.pem), prompt you for a passphrase, and then store the unlocked key in myclearkey.pem.

Not all keys are RSA. Some are DSA, in which case you will need to replace rsa with dsa in the above example.

Once you have an unlocked key, you can just point the Apache configuration file to that key instead of the passphrase-protected key. You can then restart or reload Apache.

What about protecting the key?

Here are some steps that can be taken to secure your key file. Keep in mind that these steps are not failsafe.

Most web servers start up as the root user (assuming they are started by init when the server is booted). The configuration file is loaded by root, and the socket server is set up. Then the "worker" part of the program is run as some other user (named something like www-data, apache, or httpd).

The SSL subsystem is initialized by root. Consequently, you can lock down the key file so that only the root user can read it. This is typically done with a command like this:

$ chown root:root myclearkey.pem
$ chmod 400 myclearkey.pem

First we set the file's ownership to user root, group root. Then we set the mode to allow only read (4) for the user, and no permissions (0) for the group and everyone else.

This will minimize the danger of the SSL information falling into the wrong hands.
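The steps above (back up the key, strip the passphrase, lock down the clear copy) run end to end in the script below. It is an added example, not part of the original post: it works on a throwaway key in a temporary directory, supplies the passphrase with `-passin`/`-passout` instead of the interactive prompt so it can run unattended, and, before trusting the result, confirms that the clear key loads without a passphrase and describes the same key pair as the protected one. The `check_key_perms` function is the kind of pre-start check the post attributes to sendmail: it refuses any key file whose mode lets the group or the world read it. The passphrase `demo-passphrase` and all file names are constructed values; the OpenSSL command-line tool is assumed to be on `PATH`.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the OpenSSL CLI (1.x or 3.x)
# is installed. "demo-passphrase" and every file name below are constructed values.
set -u

# check_key_perms FILE: succeed only if FILE is readable by its owner alone
# (mode 400 or 600); refuse anything weaker, as sendmail does before starting.
check_key_perms() {
    perms=$(ls -l "$1" | cut -c1-10)
    case "$perms" in
        -r--------|-rw-------) return 0 ;;
        *) echo "refusing: $1 has mode $perms, want -r-------- or -rw-------" >&2
           return 1 ;;
    esac
}

# key_modulus FILE [PASSPHRASE]: print the RSA modulus so two key files can be
# compared without ever printing the private exponent.
key_modulus() {
    if [ -n "${2:-}" ]; then
        openssl rsa -in "$1" -passin "pass:$2" -noout -modulus
    else
        openssl rsa -in "$1" -noout -modulus
    fi
}

# strip_passphrase_demo: generate a passphrase-protected key, back it up, remove
# the passphrase, lock down the clear copy, and verify each step.
# Returns 0 only if every check passes.
strip_passphrase_demo() {
    workdir=$(mktemp -d) || return 1
    pass="demo-passphrase"   # constructed; a real key would prompt interactively

    # 1. A passphrase-protected key, as Apache would have been configured with.
    openssl genrsa -aes256 -passout "pass:$pass" \
        -out "$workdir/mykey.pem" 2048 2>/dev/null || return 1

    # 2. Back the key up before touching it.
    cp -p "$workdir/mykey.pem" "$workdir/mykey.pem.bak" || return 1

    # 3. The command from the post; drop -passin to be prompted as in the article.
    openssl rsa -in "$workdir/mykey.pem" -passin "pass:$pass" \
        -out "$workdir/myclearkey.pem" 2>/dev/null || return 1

    # 4. The clear key must load with no passphrase and match the protected one.
    [ "$(key_modulus "$workdir/myclearkey.pem")" = \
      "$(key_modulus "$workdir/mykey.pem" "$pass")" ] || return 1

    # 5. Lock it down. chown only succeeds as root; chmod 400 works for the owner.
    [ "$(id -u)" -eq 0 ] && chown root:root "$workdir/myclearkey.pem"
    chmod 400 "$workdir/myclearkey.pem" || return 1
    check_key_perms "$workdir/myclearkey.pem" || return 1

    rm -rf "$workdir"
    return 0
}

# Run stand-alone: exit status reports whether the whole procedure checked out.
strip_passphrase_demo && echo "passphrase removed and key locked down"
```

On a real server, the clear key is what `SSLCertificateKeyFile` in the mod_ssl configuration is pointed at; running `check_key_perms` against that path from a start-up script gives the same protection the post describes for sendmail, without depending on remembering the `chmod`.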
