On Wed, 17 Apr 2024 at 15:36, General Email
<general.email.12341234@gmail.com> wrote:
>
>
> Anyways, I looked more on google and I think that I have found what I was looking for on this page:
> https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a
>
Few days ago, I configured SSL and enabled HTTPS on Apache 2.4. It is
working fine.
I am listing the steps below, in case it helps someone.
--------------------------------------------------------------
Enabling HTTPS and Configuring SSL in Apache 2.4 on Windows 10
Date: April, 2024
--------------------------------------------------------------
--------------------------------------------------------------------------------
VERY IMPORTANT:
You should not follow this process for a production environment because
self-signed SSL certificate (that is being generated here) is a security risk.
You should follow this process only for the local development environment.
--------------------------------------------------------------------------------
-------------------------------------
Please follow the steps listed below:
-------------------------------------
Step 1: Stop Apache web server if it is already running.
Step 2: Add "absolute_path_to_apache24_dir\bin" to the system environment
variable "Path". openssl.exe is in this folder.
Step 3: Open the Windows command prompt and change directory to
"absolute_path_to_apache24_dir\conf".
Step 4: On the command prompt, execute the following command:
set OPENSSL_CONF=absolute_path_to_apache24_dir\conf\openssl.cnf
If "absolute_path_to_apache24_dir" contains spaces then enclose the
path in quotes.
Step 5: Check that the OPENSSL_CONF variable is set to correct directory by
executing the following command on the command prompt:
echo %OPENSSL_CONF%
Step 6: On the command prompt, execute the following command
(openssl.exe is in "absolute_path_to_apache24_dir\bin" folder):
openssl genrsa -out cert.key 2048
Step 7: On the command prompt, execute the following command:
openssl req -new -key cert.key -out cert.csr
When you execute this command, you will be asked to give input for
some fields. I had given input for only one field (and for other fields,
I just hit "Enter" key):
Common Name (e.g. server FQDN or YOUR name) []:localhost
Step 8: On the command prompt, execute the following command:
openssl x509 -req -days 3650 -in cert.csr -signkey cert.key -out cert.crt
Step 9: Change a few lines in the
"absolute_path_to_apache24_dir\conf\httpd.conf"
file. I am listing the lines after the changes. I am not listing the
original lines. You can search and change/replace the
original lines.
The changed lines are:
Define SRVROOT "absolute_path_to_apache24_dir"
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
ServerName localhost:80
Include conf/extra/httpd-ssl.conf
Step 10: Change a few lines in the
"absolute_path_to_apache24_dir\conf\extra\httpd-ssl.conf" file.
I am listing the lines after the changes. I am not listing the
original lines. You can search and change/replace the
original lines.
The changed lines are:
ServerName localhost:443
ServerAdmin admin@localhost.localdomain.com
SSLCertificateFile "${SRVROOT}/conf/cert.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/cert.key"
Step 11 (Last Step): Now, you can start Apache web server and test.
Since the security certificate that was generated here is self-signed,
the browser may show you a warning that the connection/certificate,
etc. is not trusted. But since this is your local development
environment, you can ignore this warning and accept the risk and
go ahead with the testing/development, etc.
I do the same (ignore the warning and accept the risk).
==== End ====
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
<general.email.12341234@gmail.com> wrote:
>
>
> Anyways, I looked more on google and I think that I have found what I was looking for on this page:
> https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a
>
Few days ago, I configured SSL and enabled HTTPS on Apache 2.4. It is
working fine.
I am listing the steps below, in case it helps someone.
--------------------------------------------------------------
Enabling HTTPS and Configuring SSL in Apache 2.4 on Windows 10
Date: April, 2024
--------------------------------------------------------------
--------------------------------------------------------------------------------
VERY IMPORTANT:
You should not follow this process for a production environment because
self-signed SSL certificate (that is being generated here) is a security risk.
You should follow this process only for the local development environment.
--------------------------------------------------------------------------------
-------------------------------------
Please follow the steps listed below:
-------------------------------------
Step 1: Stop Apache web server if it is already running.
Step 2: Add "absolute_path_to_apache24_dir\bin" to the system environment
variable "Path". openssl.exe is in this folder.
Step 3: Open the Windows command prompt and change directory to
"absolute_path_to_apache24_dir\conf".
Step 4: On the command prompt, execute the following command:
set OPENSSL_CONF=absolute_path_to_apache24_dir\conf\openssl.cnf
If "absolute_path_to_apache24_dir" contains spaces then enclose the
path in quotes.
Step 5: Check that the OPENSSL_CONF variable is set to correct directory by
executing the following command on the command prompt:
echo %OPENSSL_CONF%
Step 6: On the command prompt, execute the following command
(openssl.exe is in "absolute_path_to_apache24_dir\bin" folder):
openssl genrsa -out cert.key 2048
Step 7: On the command prompt, execute the following command:
openssl req -new -key cert.key -out cert.csr
When you execute this command, you will be asked to give input for
some fields. I had given input for only one field (and for other fields,
I just hit "Enter" key):
Common Name (e.g. server FQDN or YOUR name) []:localhost
Step 8: On the command prompt, execute the following command:
openssl x509 -req -days 3650 -in cert.csr -signkey cert.key -out cert.crt
Step 9: Change a few lines in the
"absolute_path_to_apache24_dir\conf\httpd.conf"
file. I am listing the lines after the changes. I am not listing the
original lines. You can search and change/replace the
original lines.
The changed lines are:
Define SRVROOT "absolute_path_to_apache24_dir"
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
ServerName localhost:80
Include conf/extra/httpd-ssl.conf
Step 10: Change a few lines in the
"absolute_path_to_apache24_dir\conf\extra\httpd-ssl.conf" file.
I am listing the lines after the changes. I am not listing the
original lines. You can search and change/replace the
original lines.
The changed lines are:
ServerName localhost:443
ServerAdmin admin@localhost.localdomain.com
SSLCertificateFile "${SRVROOT}/conf/cert.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/cert.key"
Step 11 (Last Step): Now, you can start Apache web server and test.
Since the security certificate that was generated here is self-signed,
the browser may show you a warning that the connection/certificate,
etc. is not trusted. But since this is your local development
environment, you can ignore this warning and accept the risk and
go ahead with the testing/development, etc.
I do the same (ignore the warning and accept the risk).
==== End ====
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org