G.6 Create a password file (sslpasswd command)
If you want to omit the password input when starting the Web server, create a password file.
When you use the server private key protected by a password, you can save the password in advance in a file and set the directive to omit the password input when restarting the server. This procedure is described below. Note that the following procedure is required when you use the server private key protected by password:
-
Create a server private key with a password by using the keygen command.
-
Create a password file by the sslpasswd command.
-
Set the SSLCertificateKeyPassword directive that specifies the created password file together with the SSLCertificateKeyFile directive that specifies the server private key file in the httpsd.conf.
-
Start or restart the server.
- Important
-
You need to take care when protecting the password file items. Set the directory permissions and the file permissions to prevent other users from accessing the storage directory of the server private key, and also prevent them from accessing the storage directory of the password file.
Format
sslpasswd server-private-key-file-name password-file-name
Arguments
- server-private-key-file-name
-
Specify the password protected server private key. Specify the private key file created by using the keygen command.
- password-file-name
-
Specify the name of the file that outputs password.
- Important
-
You cannot specify an existing file name as the password file name.
Example
To create a password file keypasswd, specify as follows:
sslpasswd httpsdkey.pem .keypasswd
Related Topics