removing a passphrase from a X.509 certificate

If you are running services relying on certificates (mostly encryted onces, like TLS or SSL based ones), you normally don’t want to enter any kind of password each time the service starts (like with an externally reachable HTTPS server that is supposed to come up without any user interaction).

Instead what you need after getting a fitting X.509 certificate is to remove the passphrase from the private key.

So in order to do so, you can remove the key using the following simple openssl commands on your certificate file:

openssl rsa -in mycert.pem -out newcert.pem
openssl x509 -in mycert.pem >>newcert.pem

Found on

Spread the love

Leave a Reply

Notify of

Post Navigation