Restarting HTTPs service

MST · 02-17-2023, 08:46 AM

Hello,

Any work around for certificate password in hash when restarting HTTPD service in Linux?
I know how to manually restart the service so after that I have to put SSL cert password.

Is there any work around if I want to create the script and put the password in the script.

Thank you,

bathory · 02-17-2023, 10:03 AM

Quote:

Originally Posted by MST

Hello,

Any work around for certificate password in hash when restarting HTTPD service in Linux?
I know how to manually restart the service so after that I have to put SSL cert password.

Is there any work around if I want to create the script and put the password in the script.

Thank you,

If you want to store the ssl passphrase in a file in clear text, read this

Regards

szboardstretcher · 02-17-2023, 10:22 AM

If you are going to put a password on a cert, then have that password in a script on the same box, is there any reason to have the password in the first place? Seems like extra steps to have no security...

maw_walker · 02-17-2023, 10:22 AM

When you generate or get the certificate from whomever you got it from, If you don't specify a password when creating the certificate, then you won't prompted. The caveat to this is you have to protect the certificate private key because if someone can get a hold of it, they can impersonate your server. Hard coding passwords s never a good idea but if someone is on your box and can get at the script, you've got bigger issues...

dugan · 02-17-2023, 11:24 AM

The standard way is to have the script read the password from an environment variable.

elgrandeperro · 02-17-2023, 03:11 PM

It provides no security for apache. It is just something to annoy you. So you can remove it using openssl.