GCE Debian Wheezy VM stops at Pass phrase protected Apache2 SSL Cert. dialog
Niltze, all-
Well, doing my part in the security of the Web :p
I run Apache web server in a GCE VM [different email account than this
one] and decided to acquire an SSL certificate which I successfully
installed under Debian Wheezy a few days ago.
For added security, I pass-phrased-protected the SSL certificate so
that when I restart the web server I need to input my pass phrase.
I had no issues whatsoever until today that I did an: apt-get
dist-upgrade for a newer kernel. Upon doing a reboot I found out that
my port 22 is closed but my web server ports 80 and 443 are open.
I used nmap to scan for my open ports as well as the tcping utility.
Accordingly, I get the message connection refused whenever I use
gcloud or ssh to attempt to log into my GCE instance.
After using gcutil and gcloud to reset my GCE instance -- multiple
times -- the outcome was the same. Accordingly I did:
gcloud compute instances get-serial-port-output myInstance
Below is the last message of the output that indicates that GCE Debian
Wheezy instance needs the passphrase before proceeding further (and
starting sshd):
----------------------------------------------------------------------------------------
...
Oct 19 07:53:51 myInstance acpid: 1 rule loaded
Oct 19 07:53:51 myInstance acpid: waiting for events: event logging is off
[....] Starting web server: apache2Apache/2.2.22 mod_ssl/2.2.22 (Pass
Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server myInstance.x.xyz-host.internal:443 (RSA)
Enter pass phrase:
--------------------------------------------------------------------------------------
I tried detaching the disk to subsequently mount onto another instance
but the command fails with:
--------------------------------------------------------------------------------
ERROR: (gcloud.compute.instances.detach-disk) There was a problem
modifying the resource:
- Hot-remove of the root disk is not supported.
-------------------------------------------------------------------------------
Now, gcutil and gcloud utilities can reset (reboot) the instance but
can not shut it down completely (that I'm aware) -- which would allow
me to detach the disk.
Is there a way to provide (as parameter) the passphrase that the web
server requires to start apache2 and thus continue/complete the boot
process to start ssh server so that port 22 will be opened?
Best Professional Regards
--
Jose R R
http://www.metztli-it.com
---------------------------------------------------------------------------------------------
NEW Apache OpenOffice 4.1.1! Download for GNU/Linux, Mac OS, Windows.
---------------------------------------------------------------------------------------------
Daylight Saving Time in USA & Canada ends: Sunday, November 02, 2014
---------------------------------------------------------------------------------------------
Reply to: