Remove the passphrase from a private key with OpenSSL (2026)
An encrypted private key makes Apache/nginx prompt for a passphrase on every start — a problem for unattended reboots. OpenSSL can write an unencrypted copy. Here's how, for RSA/EC/any key, plus why you should lock the file down and what the safer alternatives are.