Releasing an SSL certificate passphrase

System Administrator Guide for VSP E990 and VSP G130, G/F350, G/F370, G/F700, G/F900

Part Number

An SSL certificate cannot be applied for the SVP if the passphrase is set. If the passphrase is set, release the passphrase for the SSL certificate before applying the SSL certificate to the SVP. The following procedure explains how to verify and release the passphrase settings.

  • A private key (.key file) has been created.
  • OpenSSL must be installed. In this procedure, it is installed in C:\openssl.
  1. Open a command prompt window with administrator permissions.
  2. Move the current directory to the folder (for example, C:\key) where the key file is stored, and run the following command:
    Executing this command will overwrite the current key file. To prevent loss of the key file, do one of the following:
    • Back up the key file first.
    • Use a different key file input destination and output destination.

    When OpenSSL is installed:

    C:\key>c:\openssl\bin\openssl rsa -in key-file-input-destination -out key-file-output-destination

    When using OpenSSL on the SVP:

    C:\key>c:\Mapp\OSS\apache\bin\openssl rsa -in key-file-input-destination -out key-file-output-destination

    Note: C:\Mapp indicates the installation directory for the storage management software and SVP software. Specify C:\Mapp for the installation directory if another directory is specified for the installation directory.

    If Enter pass phrase for server.key: is displayed, the passphrase is set. Enter the passphrase. The passphrase in the SSL private key will be released, and the SSL certificate can be applied to the SVP.

Example (when passphrase is set)

C:\key>c:\openssl\bin\openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: "Enter passphrase"
Writing RSA key

Example (when passphrase is not set)

C:\key>c:\openssl\bin\openssl rsa -in server.key –out server.key
Writing RSA key