SSL Connections

I've been experimenting with the SSL connection support.  Unfortunately I can't
get the postmaster to start because the instructions in the documentation for
setting up a certificate don't work.

They say:
=============================================================================
For details on how to create your server private key and certificate, refer
to the OpenSSL documentation... To create a quick self-signed certificate, use
the CA.pl script included in OpenSSL:

CA.pl -newcert

Fill out the information the script asks for. Make sure to enter the local
host name as Common Name. The script will generate a key that is passphrase
protected. To remove the passphrase (required if you want automatic
start-up of the postmaster), run the command

openssl x509 -inform PEM -outform PEM -in newreq.pem \        -out newkey_no_passphrase.pem

Enter the old passphrase to unlock the existing key. Copy the file newreq.pem
to PGDATA/server.crt and newkey_no_passphrase.pem to PGDATA/server.key.
Remove the PRIVATE KEY part from the server.crt using any text editor.
=============================================================================

The openssl x509 command runs with no interaction; this documentation seems
to indicate that it will ask for a password.

I can't find anything in the SSL documentation about removing or
changing the passphrase.

Has anyone successfully done this? and if so, how is the documentation
quoted above inforrect?


-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight                              http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47  6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
========================================   "And she shall bring forth a son, and thou shall call      his name JESUS;
forhe shall save his people from      their sins."            Matthew 1:21