If you don't know the passphrase, you must generate a new keypair, and
get that public key certified into a new certificate. (For more
information, including the appropriate commands, please refer to the
FAQ on openssl.org and any special instructions provided by your CA.)

Apache will use PrivateKeyFile and CertificateFile directives (in the
httpd.conf) to figure out what files to load from. It will load
without a passphrase complaint if the private key is not encrypted by
a passphrase.

As a side note, if the machine has the ability to start Apache without
a passphrase complaint on bootup but is having trouble when you try to
start it manually, then the passphrase is somewhere on the disk
(probably in the rc.d script to start Apache, or referenced from
there). You might be able to locate it by looking through the startup
scripts.

Good luck.

-Kyle H

On Sun, Jun 1, 2008 at 2:25 PM, Billy Chan Ting wrote:
> Hi there,
>
>
>
> Im trying to update an SSL certificate on our server (CentOS) but its asking
> for a pass phrase for the server before I can restart httpd and apache. The
> guys that created the current expired certificate don't work here anymore.
>
>
>
> How can I overwrite the pass phrase? How do I know which key or certificate
> file apache is currently referring to?
>
> Really need your help as our wireless hotspot login is not working at the
> moment because apache is not running.
>
>
>
>
>
> Kind regards,
>
> Billy Chan-Ting
>
> Systems Analyst/Webmaster
>
> Computer Services Limited, Apia, SAMOA
>
> Tel685) 20926 ext 31
>
> Mobile: 7702615
>
> Email: billy@csl.ws
>
> Ground Floor, SLAC Building
>
> Need a website? www.csl.ws/web
>
> Having database problems? www.csl.ws/db
>
>
>
>
>
>

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org