Windows Apache SSL Rumi, July 13, 2012 Open a command prompt and switch to the directory that contains OpenSSL (C:\Apache\bin\, in my case). To create a new certificate request type the following: view plain print about openssl req -config openssl.cnf -new -out bob.csr -keyout bob.pem You’ll be prompted to answer a bunch of questions, the answers to which can all be left blank except for: PEM pass phrase: This is the password associated with the private key (bob.pem) that you’re generating. This will only be used in the next step, so make it anything you like, but don’t forget it. Common Name: This should be the fully-qualified domain name associated with this certificate. I was creating a certificate for a site on my local machine which I browsed to via http://savacms/, so I just entered savacms. If I was creating a cert for my blog I would have entered www.silverwareconsulting.com. When the command completes you should have a two files called bob.csr and bob.pem in your folder. Now we need to create a non-password protected key for Apache to use: view plain print about openssl rsa -in bob.pem -out bob.key You’ll be prompted for the password that you created above, after which a file called bob.key should appear in your folder. Finally, we need to create an X.509 certificate, which Apache also requires: view plain print about openssl x509 -in bob.csr -out bob.cert -req -signkey bob.key -days 365 And that’s it – you now have a self-signed certificate that Apache can use to enable SSL. I chose to move the required files from C:\Apache\bin\ to C:\Apache\conf\ssl\, but you can put them anywhere as you’ll be pointing to them in your Apache config files. Step 3 – Enable SSL on Apache Open your httpd.conf file (which for me is in C:\Apache\conf\) and uncomment (remove the # sign) the following lines: #LoadModule ssl_module modules/mod_ssl.so #Include conf/extra/httpd-ssl.conf Open your httpd-ssl.conf file (which for me is in C:\Apache\conf\extra\) and update the section entitled <VirtualHost _default_:443>. You’ll need to update the values of ServerAdmin, DocumentRoot, ServerName, ErrorLog and CustomLog to match your environment. You’ll also need to point SSLCertificateFile to your .cert file and SSLCertificateKeyFile to your .key file. Restart Apache and browse to https://localhost/. You’re now accessing your Apache server over SSL! Step 4 – Create a VirtualHost Entry for Your Site If you’re like me, you’re running Apache because you want to run multiple sites on your local machine. In that case you undoubtedly have multiple <VirtualHost> entries in your httpd-vhosts.conf file. In order to access a particular site via SSL, you need to add an additional <VirtualHost> entry for it. To illustrate I’ll show you an existing <VirtualHost> entry that I have, and then the new <VirtualHost> that I created to allow me to access that site via SSL. Here’s the original entry: view plain print about <VirtualHost *:80> ServerAdmin bob.silverberg@gmail.com DocumentRoot C:/wwwroot/savaCMS ServerName savaCMS DirectoryIndex index.html, index.cfm ErrorLog logs/savaCMS-error_log CustomLog logs/savaCMS-access_log common <Directory C:/wwwroot/savaCMS> Options All AllowOverride All </Directory> </VirtualHost> And here’s the additional entry that I added: view plain print about <VirtualHost *:443> SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile “C:/Apache/conf/ssl/savacms.cert” SSLCertificateKeyFile “C:/Apache/conf/ssl/savacms.key” ServerAdmin bob.silverberg@gmail.com DocumentRoot C:/wwwroot/savaCMS ServerName savaCMS DirectoryIndex index.html, index.cfm ErrorLog logs/savaCMS-error_log CustomLog logs/savaCMS-access_log common <Directory C:/wwwroot/savaCMS> Options All AllowOverride All </Directory> </VirtualHost> I can now browse to http://savaCMS/ as well as https://savaCMS/! Hopefully these instructions will be found by the next person who chooses to attempt this. Src: http://www.silverwareconsulting.com/index.cfm/2009/3/31/Enabling-SSL-on-Apache-on-Windows Related Pages: 1 2 Configurations (Windows) ApacheSSL
Generate Large Test Files in Windows January 16, 2021 Open an administrative level command prompt. Run the following command: fsutil file createnew <file> <size in bytes> For example, this command will create a 1GB file called 1gb.test on my desktop: fsutil file createnew c:\users\steve\desktop\1gb.test 1073741824 The key is to input the size of the file in bytes so here… Read More
INSTALL IPTABLES IN DEBIAN 11 (BULLSEYE) February 26, 2024February 26, 2024 In this article you will learn how to uninstall default nftables framework, install iptables Debian 11 (Bullseye) and basic rules initial configuration. Uninstall nftables and its Dependencies IPtables is being replaced by nftables starting with Debian 10 Buster. Debian 11 comes with nftables framework. To install iptables first we need uninstall nftables and its dependencies. SSH… Read More
Microsoft “Dhaka” daylight savings patch June 18, 2009June 18, 2009 Microsoft Bangladesh today announced a patch based fix to address the Day Light Saving Time (DST) which is supposed to be effective in Bangladesh from June 19th at 11PM. This fix can be downloaded from Microsoft’s corporate website by going to http://support.microsoft.com/kb/972423 and will be applicable to Computers running on… Read More