Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

Windows Apache SSL

Rumi, July 13, 2012

Open a command prompt and switch to the directory that contains OpenSSL (C:\Apache\bin\, in my case). To create a new certificate request type the following:
view plain print about

openssl req -config openssl.cnf -new -out bob.csr -keyout bob.pem

You’ll be prompted to answer a bunch of questions, the answers to which can all be left blank except for:
PEM pass phrase: This is the password associated with the private key (bob.pem) that you’re generating. This will only be used in the next step, so make it anything you like, but don’t forget it.
Common Name: This should be the fully-qualified domain name associated with this certificate. I was creating a certificate for a site on my local machine which I browsed to via http://savacms/, so I just entered savacms. If I was creating a cert for my blog I would have entered www.silverwareconsulting.com.

When the command completes you should have a two files called bob.csr and bob.pem in your folder.

Now we need to create a non-password protected key for Apache to use:
view plain print about

openssl rsa -in bob.pem -out bob.key

You’ll be prompted for the password that you created above, after which a file called bob.key should appear in your folder.

Finally, we need to create an X.509 certificate, which Apache also requires:
view plain print about

openssl x509 -in bob.csr -out bob.cert -req -signkey bob.key -days 365

And that’s it – you now have a self-signed certificate that Apache can use to enable SSL. I chose to move the required files from C:\Apache\bin\ to C:\Apache\conf\ssl\, but you can put them anywhere as you’ll be pointing to them in your Apache config files.

Step 3 – Enable SSL on Apache

Open your httpd.conf file (which for me is in C:\Apache\conf\) and uncomment (remove the # sign) the following lines:

#LoadModule ssl_module modules/mod_ssl.so
#Include conf/extra/httpd-ssl.conf

Open your httpd-ssl.conf file (which for me is in C:\Apache\conf\extra\) and update the section entitled <VirtualHost _default_:443>. You’ll need to update the values of ServerAdmin, DocumentRoot, ServerName, ErrorLog and CustomLog to match your environment. You’ll also need to point SSLCertificateFile to your .cert file and SSLCertificateKeyFile to your .key file.

Restart Apache and browse to https://localhost/. You’re now accessing your Apache server over SSL!

Step 4 – Create a VirtualHost Entry for Your Site

If you’re like me, you’re running Apache because you want to run multiple sites on your local machine. In that case you undoubtedly have multiple <VirtualHost> entries in your httpd-vhosts.conf file. In order to access a particular site via SSL, you need to add an additional <VirtualHost> entry for it. To illustrate I’ll show you an existing <VirtualHost> entry that I have, and then the new <VirtualHost> that I created to allow me to access that site via SSL. Here’s the original entry:
view plain print about
<VirtualHost *:80>
ServerAdmin bob.silverberg@gmail.com
DocumentRoot C:/wwwroot/savaCMS
ServerName savaCMS
DirectoryIndex index.html, index.cfm
ErrorLog logs/savaCMS-error_log
CustomLog logs/savaCMS-access_log common
<Directory C:/wwwroot/savaCMS>
Options All
AllowOverride All
</Directory>
</VirtualHost>

And here’s the additional entry that I added:
view plain print about
<VirtualHost *:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile “C:/Apache/conf/ssl/savacms.cert”
SSLCertificateKeyFile “C:/Apache/conf/ssl/savacms.key”
ServerAdmin bob.silverberg@gmail.com
DocumentRoot C:/wwwroot/savaCMS
ServerName savaCMS
DirectoryIndex index.html, index.cfm
ErrorLog logs/savaCMS-error_log
CustomLog logs/savaCMS-access_log common
<Directory C:/wwwroot/savaCMS>
Options All
AllowOverride All
</Directory>
</VirtualHost>

I can now browse to http://savaCMS/ as well as https://savaCMS/! Hopefully these instructions will be found by the next person who chooses to attempt this.

Src: http://www.silverwareconsulting.com/index.cfm/2009/3/31/Enabling-SSL-on-Apache-on-Windows

Pages: 1 2
Configurations (Windows) ApacheSSL

Post navigation

Previous post
Next post

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP squid SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin XCP-NG zimbra

Topics

Recent Posts

  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025
  • Enabling Nested Virtualization In Proxmox March 8, 2025
  • How to Modify/Change console/SSH login banner for Proxmox Virtual Environment (Proxmox VE / PVE) March 3, 2025
  • Install Proxmox Backup Server on Debian 12 February 12, 2025

Archives

Top Posts & Pages

  • Install Jitsi on Ubuntu 22.04 / 22.10
©2025 Bots! | WordPress Theme by SuperbThemes