I think I've got a solution to the problem here.
I've modified mod_ssl so that the server certificates and keys are re-read on
restarts. However, because this happens after the server disassociates from the
terminal, I've set it up so that this only happens if there are no
SSLPassPhraseDialog commands which specify the "builtin" option, which is the
default. Then I added an option of "none" for the SSLPassPhraseDialog which
says that all keys will be unencrypted.
Let me explain why things are done this way: First, I could not just simply
reload the certificates and keys on every restart, because those who use the
builtin pass phrase dialogue would have their server die when they restarted
it. We would rather not reload the certificates for these users, so that they
can have a graceful restart which works for everything except changing
certificate and keys.
The option of "none" was added to the SSLPassPhraseDialog for the server setups
store the keys unencrypted. These configurations were probably using "builtin"
for SSLPassPhraseDialog, even thought the builtin pass phrase prompt was not
being used. Now with the "none" option, mod_ssl can be told that no prompting
for pass phrases should happen, and, knowing this, it is then able to re-read
the keys and certificates safely on restarts. (There is an added bonus that if
an encrypted key is accidentally generated, the server will die on startup
instead of just block waiting for a passphrase.)
This is fully reverse compatible.. it will not break anyone's setup. And for
those who specify "exec:" or "none" for SSLPassPhraseDialog, the certificates
and keys will be re-read on restarts, solving the server crash problem that
this bug report was about.
I've attached the patch. This is just an update for the source code.. Ralf, I
thought I'd let you handle the documentation.
- David Harris
Principal Engineer, DRH Internet Services
mod_ssl-2.3.5-1.3.6_reloadcert.patch