I believe what you are looking for is the SSLPassPhraseDialog directive, typically used in the ssl.conf file.
http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslpassphrasedialog You can take measures to obscure the passphrase or private key in various ways but you can't protect from someone who's gotten root access on your system and knows what they're doing. There are numerous tricks they can use to get the private key or passphrase though it takes a little work. If just want the passphrase in a file, you can use the exec:/path/to/program option where the program is a simple shell script or similar that echos the file to stdout for Apache. This trick is useful also if you're debugging your own passPhrase program like I recently did. That allows you to verify the pass phrase independently of your program. Later, "A rainbow is only part of a circle." San Joser, CA ^ ^ Software Consultants: http://www.migration.com/ O o Permanent: [EMAIL PROTECTED] ===-o-=== My catbox: http://www.madkatz.com/ Ack! Phththpph! 2001 Clean Air Champion http://www.baaqmd.gov/pie/press/cachamp01.pdf My True Zero Emission Vehicle (TZEV) GM EV1 and my home are powered by the 100% renewable, Zero Emissions Electricity (ZEE) 30kWh/day Solar Electric (PV) system on my roof which will pay for itself in about 6 years, 12% annualized return on investment: http://www.madkatz.com/pv/index.html Sometimes I see gas cars... In my rearview mirror! http://www.gmev.com/ President, Electric Auto Association, San Jose Chapter http://www.geocities.com/sjeaa/ EV List Archive Owner,Admin http://www.crest.org/discussion/ev/current/ Electric Vehicle Email List Instructions: (EVList members: Bookmark it!) http://www.madkatz.com/ev/evlist.html ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]