Hi, > One solution which I use is this... I have both my cert.pem and > cert.key file in in a directory... I then run the following: > > openssl x509 -in cert.pem -out /etc/apache/ssl.crt/server.crt > openssl rsa -in cert.key -out /etc/apache/ssl.key/server.key > chown root:root /etc/apache/ssl.key/server.key > chmod 0600 /etc/apache/ssl.key/server.key > > This allows me to restart apache without incident...
thank you for the hint. But this is a workaround and not a real solution. Yes, it works for me, too: > > When I remove the passphrase from /etc/apache-ssl/secret.key (such > > that it is only proteced by its file permissions) then apache-ssl > > works fine. This is, however, not really an option for me since I am required (by the policy of the CA) to protect the server key by a nontrivial passphrase. Cheers, Thomas
