Remove Passphrase from SSL keys Linux

Summary: In this post i explain how to Remove Passphrase from SSL keys. It’s nice to have password protected your ssl keys. But some time it becomes, confusing to set it in the right way on the server. One of the unfortunate side-effect of these password protected private keys which are also know as pass-phrased private key’s, that every time your webserver is going to restart it will asked you to enter password to start back.
It is obviously not convenient to have Eye on it when your server is live. If the webserver crash and you have set some script back online the server you have to put the password to start the webserver. It can be done through script to get the password from a file. But if you are putting the password in a file then there is no need to have password for the key.Because the security will be break and some one can easily find the password if the server compramise.

It is possible to remove the encryptions from the key, and you don’t need to place password every time when the server is rebooting.

With that being said, use the following command to remove the pass-phrase from the key:

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

The newly created server.key file has no more passphrase in it.

-rw-r–r– 1 root root 745 Jun 29 12:19 server.csr
-rw-r–r– 1 root root 891 Jun 29 13:22 server.key
-rw-r–r– 1 root root 963 Jun 29 13:22 server.key.org

Leave a Reply

Your email address will not be published. Required fields are marked *