יום חמישי, 25 באפריל 2013

openssl usage: remove passphrase from rsa key

This issue maybe outdated and probably has a 1000 better resolutions which consider security precautions, as this method does not.
It is risky to use it and I would never advise using this practice on production servers; however:
creating passphrase-less SSL keys has its twisted benefits for when you want to have ssl on apache/nginx reloading without needing any addon to provide the passphrase, you can use the following method to re-pack the keys after creating them:
cp www.domain.com.key passphrase.www.domain.com.key
openssl rsa -in passphrase.www.domain.com.key -out www.domain.com.key
again, this compromises your key and security. avoid from using it on production systems.