Unable to start stream when using encrypted TLS key

[andrewfrongello]

I am working on setting up motion and ran into an issue where the stream fails to start when using an encrypted TLS key.

I found a solution through Issue #971. Doing some testing, it seems like the difference between the stream working versus not is using a key generated with the -noenc parameter in the openssl req command. (According to the openssl req manpage, -noenc is the replacement for the deprecated -nodes parameter).

Does motion support the use of encrypted TLS keys? Maybe I am not doing something correctly? Even though I am storing the key in a read-restricted directory, I suppose it is better if the key is stored in an encrypted state for added layer of security.

I looked at the source code in attempt to identify a cause but am not knowledgeable enough to follow the code and cannot determine if this is a bug or if the feature isn't available.

Thank you in advance for any insights and thank you for making this software!

[tosiara]

No, you cannot use encrypted key, because motion does not know the password and would not be able to unlock the key. You must remove the password from the key