Apache2 asks for passphrase of certificate on reboot or restart of service

  • 7024730
  • 14-Jul-2020
  • 14-Jul-2020


GroupWise 2014
GroupWise 18


Whenever restarting Apache2 or rebooting the server, you are prompted for the passphrase of your private key


In order to have apache2 not ask for the passphrase for the private key, you will need to create a new key from the key that has the passphrase using openssl.

To generate a key without a passphrase:

1. Change directories to where you private key and certificates are stored.
2. Type "openssl rsa -in <name of key with passphrase> -out nopassphrase.key" and press Enter.
3. Enter the pass phrase of the Private Key.

Example: openssl rsa -in server.key -out nopassphrase.key

Note: the -out can be whatever name as it will be a new key. In the example, nopassword.key is being used so in the future there is no mistaking which key does not have a passphrase.

4. Once this command is run, the output (-out <name.key>) will be put in your current working directory.
5. Change directories to /etc/apache2/vhost.d and open the vhost-ssl.conf file with a text editor.
6. Find the line SSLCertificateKeyFile
7. Change it to point to your new key without a passphrase.
8. Restart apache2 and verify that it doesn't ask you for a passphrase.


If there is a passphrase on an a key for apache2 then it will need it in order to start the service.