10-17-2004
First let's clarify a few terminology ...
So, your cert private key is encrypted with a passphrase and you want to avoid being prompted for passphrase every time on startup?
You need to understand that you want to encrypt your private key with a passphrase to prevent others who are able to get access to your keyfile from extracting the private key except those who knows the passphrase (presumably you). This is especially if the server is not yours, as at least the system root will be able to extract the private key if it is unencrypted.
If the actual passphrase can be found unencrypted in the system somewhere, then this defeats the purpose of using a passphrase at all in the first place. By having the key encrypted, and the passphrase requested on system startup, the passphrase needs not be saved anywhere on the disk.
If you are the administrator of the server and only you have access to the keyfile, then it is reasonably safe to have the key unencrypted. Here tells you how:
http://httpd.apache.org/docs-2.0/ssl...movepassphrase
10 More Discussions You Might Find Interesting
1. IP Networking
hello-
I'm trying to setup a webserver using apache 2.0.53. Can't seem to figure out why my local site isn't coming up.
I've tried the following:
ping -a localhost
localhost (127.0.0.1) is alive
httpd -S
syntax ok
apachectl configtest
syntax ok
netstat -an|grep :80|grep LISTEN... (4 Replies)
Discussion started by: ECBROWN
4 Replies
2. Shell Programming and Scripting
I'm running Solaris 5.9 and Apache 2....
I've created a startup script for Apache....but it doesn't work!!!
it resides in /etc/init.d and has a link to /etc/rc3.d
and if it run it as /etc/init.d/apache_start stop it stops the httpd services and /etc/init.d/apache_start start starts the... (3 Replies)
Discussion started by: Zak
3 Replies
3. Web Development
I get an error when I run the command apachectl status or apachectl fullstatus
here's the error:
Unfortunately, your browser is not supported by Sitebuilder.
Please use Internet Explorer 5.5 or later, or Mozilla.
Already tried to install lynx and enabled ExtendedStatus to On... (1 Reply)
Discussion started by: suspect
1 Replies
4. Shell Programming and Scripting
i need to know all possible reasons for apache not able to execute a command on server side script.
I have a cgi script that calls a shell script .This shell script calls a perl script which has commnad in it.
Ths command is not getting executed from gui.The return status of shell script is 256.... (7 Replies)
Discussion started by: raksha.s
7 Replies
5. UNIX for Dummies Questions & Answers
Hi
While trying to start apachectl in an IBM HTTP server installed in a Sol 10 box,i am facing the following error:
root: ./apachectl start
./apachectl: /opt/IBMHTTPD/bin/httpd: cannot execute
./apachectl start: httpd could not be started
@ /opt/IBMHTTPD/bin
I checked the... (3 Replies)
Discussion started by: Hari_Ganesh
3 Replies
6. Shell Programming and Scripting
I have a shell script, that works when ran in the shell. When placed in the cgi-bin directory, it doesn't work as expected.
Looking at the logs, it seems that some environmental variables are not being passed.
My apache user is www.
For simplicity, here is a sample script I want to run
... (2 Replies)
Discussion started by: streetfighter2
2 Replies
7. Shell Programming and Scripting
Hi,
I have apache ,jboss and jon instances on various linux boxes.I need to create a generic startup script to restart those instances on server reboot.The script requirement is :
It should take the name of instances from one text file named active-servers and recycle those instances.
1.... (6 Replies)
Discussion started by: saurau
6 Replies
8. Shell Programming and Scripting
Hi,
I am building a web interface to run a series of shell scripts that reside on the web server. The bash script are written such that they can be used independently for the task they are meant for, or the same scripts can be run from this web UI. The scripts are mostly for doing software... (1 Reply)
Discussion started by: MacQAGuy
1 Replies
9. Shell Programming and Scripting
Hi,
I have a problem with running out of memory in my Ubuntu web server (4GB RAM) because many people try to access my server.
I used to restart manually my apache server to clear out the memory & swap.
Can anyone tell me how to write bash script that can automatically restart apache when... (2 Replies)
Discussion started by: nica
2 Replies
10. Red Hat
I was trying to install apache using the following url
Compiling and Installing - Apache HTTP Server
when I try to start http it prompts me the following error
oracle@localhost httpd-2.4.4]$ su -c '/usr/local/apache2/bin/apachectl -k start'
Password:
/usr/local/apache2/bin/httpd: ... (1 Reply)
Discussion started by: jediwannabe
1 Replies
LEARN ABOUT SUSE
gpg-preset-passphrase
GPG-PRESET-PASSPHRASE(1) GNU Privacy Guard GPG-PRESET-PASSPHRASE(1)
NAME
gpg-preset-passphrase - Put a passphrase into gpg-agent's cache
SYNOPSIS
gpg-preset-passphrase [options] [command] cache-id
DESCRIPTION
The gpg-preset-passphrase is a utility to seed the internal cache of a running gpg-agent with passphrases. It is mainly useful for unat-
tended machines, where the usual pinentry tool may not be used and the passphrases for the to be used keys are given at machine startup.
Passphrases set with this utility don't expire unless the --forget option is used to explicitly clear them from the cache --- or gpg-agent
is either restarted or reloaded (by sending a SIGHUP to it). It is necessary to allow this passphrase presetting by starting gpg-agent
with the --allow-preset-passphrase.
gpg-preset-passphrase is invoked this way:
gpg-preset-passphrase [options] [command] cacheid
cacheid is either a 40 character keygrip of hexadecimal characters identifying the key for which the passphrase should be set or cleared.
The keygrip is listed along with the key when running the command: gpgsm --dump-secret-keys. Alternatively an arbitrary string may be used
to identify a passphrase; it is suggested that such a string is prefixed with the name of the application (e.g foo:12346).
One of the following command options must be given:
--preset
Preset a passphrase. This is what you usually will use. gpg-preset-passphrase will then read the passphrase from stdin.
--forget
Flush the passphrase for the given cache ID from the cache.
The following additional options may be used:
-v
--verbose
Output additional information while running.
-P string
--passphrase string
Instead of reading the passphrase from stdin, use the supplied string as passphrase. Note that this makes the passphrase visible
for other users.
SEE ALSO
gpg(1), gpgsm(1), gpg-agent(1), scdaemon(1)
The full documentation for this tool is maintained as a Texinfo manual. If GnuPG and the info program are properly installed at your site,
the command
info gnupg
should give you access to the complete manual including a menu structure and an index.
GnuPG 2.0.15 2010-07-05 GPG-PRESET-PASSPHRASE(1)