Openssl Certificate (apatche2.4 in windows)


#1

Hi…
how to creating ssl certificate to openssl in apatche2.4 to windows
can I help me pleas


#2

Hi

Please follow this line for instructions.


#3

You might also want to look at the list of Windows clients in

I think win-acme is now the most used.


#4

Thanks… but I want to know how to set up the certificate safely OPENSSL because I started to create it and something went wrong
can you help me

These commands are used
1-openssl req -config openssl.cnf -new -out htv.csr -keyout htv.pem
2-openssl rsa -in htv.pem -out htv.key
3-openssl x509 -in htv.csr -out htv.crt -req -signkey htv.key -days 3650

open to config file and change the port (443)

del # to line 184 (Load Module ssl-module)
and # to line 171 (LoadModule rewrite_module)
AND # TO line 191 (LoadModule vhost_alias_module)
and insert vhosts :
<VirtualHost *:443>
DocumentRoot "C:/Apache24/htdocs/localhost/mysite.com"
ServerName localhost
Redirect / https://localhost/mysite.com/
ServerAlias localhost/mysite.com
SSLEngine on
SSLCertificateFile "C:/Apache24/conf/htv.crt"
SSLCertificateKeyFile "C:/Apache24/conf/htv.key"
SSLCertificateChainFile “C:/Apache24/conf/htv.crt”

insert this Redirect in line 356:

  RewriteEngine On
  RewriteCond %{HTTPS} off
  RewriteRule (.*) https://%{lopcalhost/mysite.com}:443%{REQUEST_URI} 

open httpd-vhosts file and change the port 443 line 15 and

copy and change to port 80 to 443
change the setting in vhost 80 and 443
<VirtualHost *:443>


mysite is local and my server is Apache


** this is task in my university **



#5

THIS IS ERROR
localhost uses an invalid security certificate.

The certificate is not trusted because it is self-signed.
The certificate is not valid for the name localhost.

Error code: SEC_ERROR_UNKNOWN_ISSUER


https://localhost/mysite.com/
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false
HTTP Public Key Pinning: false
Certificate chain:


#6

Hi,

Do you mean want to create a self-signed ssl (not trusted by public CA) for your local website?

If so, you can follow this link (as that’s what i used for ssl self-sign):
https://jamielinux.com/docs/openssl-certificate-authority/

However, if you are trying to obtain a trusted ssl for localhost, it’s not possible since ssl can only be issued under trusted public domains (no localhost, xxx.local etc)

Thank you


#7

Thank you @stevenzhu
and You have all the appreciation :kissing_heart:


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.