Enable Passphrase while creating CSR on Virtualmin

#1 Mon, 09/25/2017 - 09:33
st.anto@yahoo.com

Hello there, how do I enable the passphrase for the private key while creating a new CSR through Virtualmin?

Thanks Anto

Mon, 09/25/2017 - 23:13
Joe

That's not currently supported (though you can add an existing cert/key pair that has a passphrase).

The problem with passphrases is you have to handle providing it on reboots and service restarts. Most folks don't use this option, as it means if your server or Apache ever restarts unattended or by some user who doesn't know the passphrase, your web service will be dead until someone who does comes along to fix it. Since Virtualmin has to reload/restart Apache anytime web service configuration changes (and non-root users can trigger a restart event), this would just be too dangerous on a shared hosting system.

The additional security provided by it is somewhat debatable, as well. Private keys would only be accessible to someone who has the privileges needed to install a new certificate, anyway. I guess it would prevent someone from stealing a private key and using it for a MitM attack, but that seems like a pretty unlikely attack vector, as well.

--

Check out the forum guidelines!

Tue, 09/26/2017 - 08:43
st.anto@yahoo.com

Hey, Joe thanks for the response :)

The reason is I am generating a wildcard cert for it to be used on multiple systems, but some systems make the passphrase mandatory, like vCenter etc.
So it looks like although I cannot create a passphrase from Virtualmin, I could use the CentOS command line to create one, correct?

thanks Anto

Tue, 09/26/2017 - 17:14 (Reply to #3)
Joe

Sure, Virtualmin doesn't care if a cert has a passphrase. But, you will likely run into problems if you allow users to use any Virtualmin features that trigger a restart of Apache (by problems, I mean, Apache will fail to start, waiting for input). There may be secret management tools out there that can make it work, but I don't have any familiarity with them.


Thu, 10/05/2017 - 06:05
st.anto@yahoo.com

So what you are saying is, if I import an SSL cert with a passphrase, it will cause issues when I restart Apache? So if I was restarting the server, Apache would not start? Is there a way to make it start?

Also, I am looking for some pointers on how to create a CSR on CentOS with the ability to create a passphrase along with it?

Thanks for your time

Thanks Anto

Thu, 10/05/2017 - 08:46 (Reply to #5)
Joe

Every time Apache restarts, it's loading the certificate, so yes it needs the passphrase again, meaning it always needs root-level intervention (which means you cannot allow Virtualmin domain owners to have access because there are some actions that can trigger a graceful restart, but even a graceful restart leads to reloading certs).

I don't know of any way to make it start aside from giving it a passphrase when it needs it. Maybe there's a secrets management tool out there to do it (similar to the gpg agent that makes key management a little friendlier by caching authorizations for a time), but I do not know of one and have never used one. Standard practice is to use certificates without a passphrase. Having a certificate compromised is not the worst thing that can happen... the worst thing is something that has to have already happened for the cert to become compromised (i.e. the attacker has to already have root, or a virtual server owner, login in order to compromise a certificate). If a user has access to your certificates, they have all the access they need to exploit your web traffic in some way... which is exactly what compromising the cert gets them.

Here's a pretty good discussion about the topic: https://security.stackexchange.com/questions/70495/ssl-certificate-is-pa...


Topic locked
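
The command-line route asked about in this thread, as an added example that is not part of the original posts: it generates a passphrase-encrypted private key and a CSR with the OpenSSL CLI, then writes an unencrypted copy of the same key for Apache so restarts do not block on a prompt. The function names, the output file names and the `*.example.com` subject are placeholders chosen for illustration; the passphrase is read from a file so it never appears in the process list.

```shell
#!/bin/sh
# Added example; file names and functions here are hypothetical, not Virtualmin's.

# make_csr DIR CN PASSFILE
# Writes DIR/wildcard.key.enc (encrypted key), DIR/wildcard.csr and
# DIR/wildcard.key (unencrypted copy of the same key).
make_csr() (
    dir=$1; cn=$2; passfile=$3
    umask 077                      # key files readable by the owner only
    mkdir -p "$dir" &&
    # 1. RSA key, encrypted with AES-256 under the passphrase in PASSFILE
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass "file:$passfile" \
        -out "$dir/wildcard.key.enc" &&
    # 2. CSR signed with that key; -subj avoids the interactive prompts
    openssl req -new -key "$dir/wildcard.key.enc" -passin "file:$passfile" \
        -subj "/CN=$cn" -out "$dir/wildcard.csr" &&
    # 3. Unencrypted copy for Apache, which reloads the key on every restart
    openssl pkey -in "$dir/wildcard.key.enc" -passin "file:$passfile" \
        -out "$dir/wildcard.key"
)

# key_is_encrypted FILE: true if the PEM header marks the key as encrypted
key_is_encrypted() {
    grep -q 'ENCRYPTED' "$1"
}

# key_opens_with FILE PASSFILE: true if the passphrase decrypts the key
key_opens_with() {
    openssl pkey -in "$1" -passin "file:$2" -noout 2>/dev/null
}

# csr_matches_key CSR KEY PASSFILE: true if the CSR carries KEY's public key
csr_matches_key() {
    csr_pub=$(openssl req -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -passin "file:$3" -pubout) || return 1
    [ "$csr_pub" = "$key_pub" ]
}

# Usage: sh make_csr.sh ./out '*.example.com' ./passphrase.txt
if [ "$#" -eq 3 ]; then
    make_csr "$@"
fi
```

The encrypted `wildcard.key.enc` is the file to hand to systems that insist on a passphrase; the certificate issued from `wildcard.csr` pairs with either form of the key.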