How can I get rid of the pass-phrase dialog at Apache startup time?
The reason why this dialog pops up at startup and every re-start is
that the RSA private key inside your server.key file is stored in
encrypted format for security reasons. The pass-phrase is needed to be
able to read and parse this file. When you can be sure that your server
is secure enough you perform two steps:
Remove the encryption from the RSA private key (while preserving the original file):
$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key
Make sure the server.key file is now only readable by root:
$ chmod 400 server.key
Now server.key will contain an unencrypted copy of the key. If you
point your server at this file it will not prompt you for a
pass-phrase. HOWEVER, if anyone gets this key they will be able to
impersonate you on the net. PLEASE make sure that the permissions on
that file are really such that only root or the web server user can
read it (preferably get your web server to start as root but run as
another server, and have the key readable only by root).
As an alternative approach you can use the ``SSLPassPhraseDialog
exec:/path/to/program'' facility. But keep in mind that this is neither
more nor less secure, of course.