Certificate for Widows 7?!

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.unpredictableporridge.co.uk

I ran this command: N/A

It produced this output: N/A

My web server is (include version): Apache 2.4.3.

The operating system my web server runs on is (include version): Widows 7 Home Edition.

My hosting provider, if applicable, is:Self-Hosted.

I can login to a root shell on my machine (yes or no, or I don't know):Command Prompt, yes!

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): N/A

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2

To continue from the above post:

Hello!

New here, so not sure if posting in the right place, or even Forum?!

I am running a Widows 7 32-bit installation as a Webserver, and am trying to find an S.S.L. Certficate, and have only been able to find a 64-bit Certificate.

Can someone point me in the right direction, please?

Many thanks.

Cheers.

1 Like
3

A what now? I'm not aware of 32 vs 64 bits certificates. Can you elaborate?

3 Likes
4

Thanks for your reply, Osiris - is that a character from Doctor Who?!

Not looking for a 32 vs 64 bit Certificate.

The Operating System I have the Web Server on is Widows 7 32-bit, and I require the certificate for that, does that help clarify the situation?!

Thanks for trying to help.

Cheers.

1 Like
5

Certbots Windows installer is only build for amd64 I believe, not sure if it'll run on 32 bit Windows.

There are a few other ACME clients out there for Windows: ACME Client Implementations - Let's Encrypt I'm sure some of those would work on 32 bit Windows.

3 Likes
6

Thanks for that information Osiris.

Unfortunately, they are only 64-bit updates, although was unable to get the download for A.C.M.E Client Implementations, just a directory listing?!

However, Let's Encrypt do offer a 64-bit release for Widows 7, but not 32-bit, which seems a bit strange, thought they would have offered both?!

Cheers.

1 Like
7

Technically, Let's Encrypt does not "offer" Certbot at all. Certbot is developed by EFF

Let's Encrypt (by ISRG) is an ACME Server. Many ACME Clients, like Certbot, are made by various others

I'd guess there are not many people running web servers on a 32-bit O/S that has been out of service for 3 years. Without much demand there's no reason to support it.

5 Likes
8

Thanks MikeMcQ, your response really cheered me up!

Accept your point, but would have said the same about Widows 7 64-bit, not only is it regarded as fairly old, but is not a server-based O.S.?!

However, am trying to avoid the necessity of having to upgrade to Widows 10, due to having to re-install all the software for my hobby, if not able to find a Widows 7 Certificate for download?!

1 Like
9

There is no such thing as a "Windows 7 certificate." There's no such thing as a Windows 10 certificate, or a Ubuntu cert, or a Debian cert, or a FreeBSD cert, or whatever. All the certs are X.509 certs, usually delivered in .pem format. The issue is whether there is client software available that will run in your long-since-deprecated OS. And there should be; if nothing else you ought to be able to run WSL or Cygwin and thereby get to a Bash shell, which should let you run acme.sh. Whether that would be a good idea is a separate question.

4 Likes
10

Posh-ACME should still work on 32-bit Win7 if you can get PowerShell 5.1 and .NET 4.7.1 or later installed.

5 Likes
11

danb35,

Thanks for your reply, and your advice, appreciate that.

After investigating, apparently W.S.L. doesn't run on Widows 7, only from 10, and Cygwin will only run on 64-bit, not 32-bit, but thanks for trying!

1 Like
12

rmbolger,

Thanks for your advice, have carried out an installation of Powershell 5.1, will re-boot later, and hopefully get Posh-ACME to work?!

Cheers.

2 Likes
13

You can also acquire a cert on a modern operating system then copy the certificate files to your Windows 7 machine. Consider moving your web server to a version of windows that receives security updates, which will also mean you can use the latest software.

5 Likes
14

OR

If you are daring...
You might be able to use that old box with a new version of Linux [and breathe some life into it].

7 Likes
15

Or... You can virtualize Windows 7 and put a reverse proxy and TLS terminator elsewhere.

7 Likes
16

webprofusion, rg305, and 9peppe,

Thanks for your help and advice.

I don't have a Computer with a more modern Operating System, though I have read somewhere that these Certfiicates are available for Widows XP Professional, too?!

Have dabbled with Linux before, not a good idea, when one is audio streaming, which goes for the T.L.S suggestion too.

As the Website is self-hosted, will I require a self-signed Certificate, hear they are not too reliable?!

1 Like
17

Certificates are just files, they are available for any operating system. X86, AMD64, ARM, Sparc, PowerPC, whatever.

From a technical standpoint, a self-signed certificate is just as reliable as any other certificate: a certificate is just a bunch of information, including a public key, signed by another cert or itself. It's just a matter of trust: self-signed certificates aren't automatically trusted by TLS clients, but publicly trusted certs, well.. Are..

7 Likes
18

Thanks Osiris.

So, would be better for me to obtain a Publicly Trusted Certificate, than self-signed?

1 Like
19

Depends on what you're going to do with it.

4 Likes
20

The intention is to use the Certificate for a couple of Websites hosted, just as a hobby!