I'm following a Python twisted tutorial in which an echo server is being set up in order to talk to a client over a ssl transport layer. The end goal is to obtain an encrypted connection towards our end product. From GUI to a remote embedded client.
The application can be found here: Twisted matrix SSL example
I've created a set of keys like this:
$ openssl req -x509 -newkey rsa:4096 -keyout keys/server.key -out keys/server.crt -sha256
This works except for the fact that the server in this case keeps on asking for the PEM passphrase at every connection from the client.
Enter PEM pass phrase:
My question: How can I make this setup work without inserting my password every time? I'm afraid to make some hacker friendly mistake in this matter so I would also appreciate any additional safety tips.
TY
I've found a solution ( or workaround ) for this particular problem. I just route the key back into openssl to create a new one.
The first time it would not let me create a key without a pass phrase. This time it only needs a passphrase for accessing the first key. I can't help thinking this is just a trick.
openssl rsa -in server.key -out server_bis.key
Now it works without asking for password every time the client connects. Zero points for security :-)