certificates:certificates:remove_the_password_from_a_rsa_private_key
Certificates - Remove the password from a RSA private key
To test whether the SSL certificate is password-protected, examine the beginning of the keyfile using the command:
head -3 your.key
Result:
This private key is encrypted:
-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,C251E8A1254B933D763703EE1C364AB7
This file is not encrypted:
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAvbeWtO9nQP4cFFuhGrOM/WQ73oTQHU7mzZB9CaA3R2iwjDNz wwlDtT9tfo0tCC2ib9STfeM6AYrdI3wauzCu7AV4CFGSMP3HLX8DJuk8zzbdQHHv
To remove the password from a RSA private key, use the following command:
umask 077 mv your.key old-with-pass.key openssl rsa -in old-with-pass.key -out your.key
The umask 077 command is necessary to ensure that the new key is not created with overly relaxed permissions. Alternatively, you can manually change the mode of the file with chmod 400 new.key. Depending on the location of the key, you might have to prefix the openssl, mv and chmod commands with sudo.
certificates/certificates/remove_the_password_from_a_rsa_private_key.txt · Last modified: 2020/07/15 10:30 by 127.0.0.1