Website(s) were up. I changed my config files in sites-enabled, then ran:
apache2ctl configtest
Got: Syntax OK
Then ran:
apache2ctl graceful
Got returned to the command prompt. No messages. The websites went down, did not restart. Also, I wasn't prompted for a passphrase which I should have been since my key has it.
So I put back the old configs (quickly) and restarted.
Does apache2ctl graceful not support the passphrase ? No error messages were in error.log files. Just "[notice] Graceful restart requested, doing restart", then nothing.
UPDATE 7/8 : After searching other error logs (previously just checked main one), I found this:
SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Do a full restart, not a graceful one. Your change to have the private key unencrypted should also work.
Conceptually, I can't imagine the
apachectlprocess being able to prompt for a new passphrase for a startup when the main process is only being sent signals byapachectl, not being spawned by it.In more concrete terms - this 7-year-old posting on a bug report confirms that the behavior that you're seeing is expected - sorry, couldn't find anything more recent confirming that the issue still exists in current apache versions, but it fits.