Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2016-07-05 09:11:12.0

How can I change the pass-phrase on my private key file for Apache using OpenSSL?

Article Number: 42936

Servers effected: Apache mod_ssl and open_ssl

Question:

How can I change the pass-phrase on my private key file for Apache using OpenSSL?

Answer:

To change the pass-phrase,  you will need to specify the old pass-phrase and then specify the new pass-phrase. You can accomplish this task with the following commands:

Step 1: To chnage the pass-phrase, enter the following at command prompt:

$ openssl rsa -des3 -in server.key -out server.key.new

Step 2: To overwrite the new key file with the new pass-phrase, enter the following at command prompt:


$ mv server.key.new server.key

You will be asked two times for the pass-phrase. At the first prompt enter the old pass-phrase and at the second prompt enter the new pass-phrase.

Verify that the new password is being used by this command:
#openssl rsa -noout -text -in /ssl.key/server.key (ssl.key is the full directory)

TN5898

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 1 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 2 Year Version Not Applicable Language Not Applicable Platform Not Applicable