Hi Ben,
The Apache configuration is read twice, once before detaching and once
after. So, the second passphrase read is caused by the second config
read. Of course, it'll also fail if Apache is restarted, which is why my
advice is normally to not have a passphrase on the key (since its stored
in memory in the Apache process, the value of passphrasing it is dubious
in any case).
I think that reading the key from the memory is still a bit harder
for a script kiddie than reading the key from a file, so it is worth
keeping the key protected by a passphrase.
Anyway, we are forced to use encrypted keys by our CA policy, which
is beyond reasoning :-)
So I'm trying to figure out what to do. As Christoph pointed out,
the problem arises from reading the config file while already
being detached from the tty. Could you give us a hint how to fix
that? Which change in the code might have broken it? Password
protected keys worked well with potato apache-ssl and still work
with our Apache/1.3.26 Ben-SSL/1.48 (AIX) server, so there
seems to be a chance to fix the flaw in debian
apache-ssl-1.3.26.1+1.48.