解决apache ssl证书问题 "Enter pass phrase:"
[问题描述]
在apache配置数字证书的情况下,会出现如下状况:
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server xxx.com:443 (RSA)
Enter pass phrase:
[期望结果
]
启动apache时不要再要求输入密码。
[解决方案
]
有很多解决方案,在此仅说最常用的一种。
第一步、 检查ssl配置
NameVirtualHost *:443
<VirtualHost *:443>
ServerName ***.com
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /home/admin/*.crt
SSLCertificateKeyFile /home/admin/*.key
DocumentRoot /home/admin/xxx
</VirtualHost>
第二步、 查看httpd.conf的IfModule ssl_module 配置项
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache dbm:/home/admin/xxx/logs/ssl_scache
SSLSessionCacheTimeout300
SSLMutexfile:/home/admin/xxx/logs/ssl_mutex
SSLPassPhraseDialogexec:/home/admin/xxx/conf/apache_pass.sh
</IfModule>
最关键的地方就是“SSLPassPhraseDialog exec:/home/admin/xxx/conf/apache_pass.sh”
apache_pass.sh 内容如下:
#!/bin/sh
echo "password"
页:
[1]