httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laurent Blume <laurent.bl...@infores.com>
Subject Re: [users@httpd] Vexed over Apache 1.3 and OpenSSL under Windows
Date Mon, 04 Aug 2003 14:04:57 GMT

I just got up to add SSL to my own Apache2/Windows server (I did have 
some experience on doing it on Solaris, so it was quite easy).

Here are the steps I followed:

- I installed Apache 2.0.47 using Apache official installer found there 
[1], which does not include SSL, but does install it as a service.

- I downloaded the unofficial 2.0.47 build found there [2], copied 
mod_ssl.so from it to my Apache modules/ directory, and the sample 
ssl.conf to the conf/ directory.

- I downloaded the also unofficial OpenSSL 0.9.7b built found there [3], 
and installed it.

- I created a self-signed certificate following those instructions [4] 
(they also explain how to create a certificate request).

- I created ssl.key and ssl.crt directories in the Apache conf/ 
directory, and put the certificate and key there.

  - I modified httpd.conf to load the ssl module (one line to uncomment) 
and ssl.conf to look for the right certificate and key names (2 lines to 
modify), and have the right name server and such.

I hope I didn't forget anything :-)

I know building from source would be better, but it is such a pain on 
Windows... I just wish I could have a Unix box instead :-(

HTH,

Laurent

[1]
http://httpd.apache.org/download.cgi
Win32 binary: apache_2.0.47-win32-x86-no_ssl.msi

[2]
http://www.gknw.net/development/apache/httpd-2.0/win32/

[3]
http://www.shininglightpro.com/index.php?treeloc=35

[4]
http://www.openssl.org/docs/HOWTO/certificates.txt

Kevin Ericson wrote:

> Anyone out there know of  an easier way to get SSL working under Apache 
> 1.3 on a Windows platform?  The OpenSSL site is pretty dismal when it 
> comes to that. Just downloading the tarballs blew up WinZip and WinRAR 
> on every machine I've got. Finally FTPed from my RedHat box ran tar, 
> install Samba, port to Windows only to read the directions that start 
> with telling me to install PERL, install Visual C++, find a copy of MASM 
> (haven't used that since the 1980's) and start compiling. And even then 
> I see absolutely nothing on what to do with integrating it into your 
> httpd.conf file.
> 
> Certainly there's an easier way. Isn't there?
> 
> Ok. So maybe there isn't. Give me just one hint, though. Even after all 
> the compiling and PERLing and macro assembling I read on VeriSign's web 
> site about generating a CSR. They say to run this command...
> 
> openssl req -new -nodes -keyout private.key -out public.csr
> 
> I don't see anywhere after all that compiling where an openssl.exe file 
> is made. I did find one from www.shininglightpro.com but not a lick of 
> documentation that was of any use (some good documentation on "4 Byte 
> Semaphores" and "Poly-Point Collision Detection" though).
> 
> Am I even going down the right path? Should I be researching mod_ssl or 
> Apache-SSL or is OpenSSL the way to go? Each one seems to be somehow 
> tied to the other? I see Stronghold is a commercial 
> product...oops...www.c2.net is a dead link...surprise, surprise.
> 
> Any guidance is appreciated. I don't need a fish, I just need a little 
> help with somebody showing me how to bait the hook.




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message