SSL without SSI
Tell me please, I have a WIN server 2012, and I do not use IIS, I just have APACH on the server and on my websites.
The question is, can I use SSL without IIS and how can I do it?
Sorry for my English
I don't know, if there is an explicit client which supports Apache under Windows 2012.
But check the list of Windows clients:
Windows / IIS
- ACMESharp (.NET, PowerShell)
- win-acme (.NET)
- Certify The Web GUI (.NET, WPF)
- oocx/acme.net (.NET)
- kelunik/acme-client (PHP)
- ZeroSSL Windows
- AutoACME (.NET)
- Posh-ACME (PowerShell)
- Certes (.NET) . ACME-PS (PowerShell)
Clients with a GUI may be one option.
Thank you very much, how to check I’ll write
We have been able to help people on the forum in a lot of languages, either by using machine translation or by finding people who speak different languages. Feel free to try asking your question in a different language!
Yes; I have used Apache (and NGINX) on Windows (2008, 2012, 2016) with LE certs.
- Be sure IIS is not running or at least IIS is not using ports 80 nor 443.
- Configure Apache to handle the /.well-known/acme-challenge/ requests properly.
(I use a global alias to affect all vhost configs at once.) - Use a Windows client to obtain LE cert.
(I use "LE64.exe" - see the GitHub REPO - Win2K12 can use the 64 bit version) - Use a scheduled task to automate the renewal process and restart Apache.
(I run it twice a week.)
Yes, thank you very much with your advice, I managed to make a certificate.
But why doesn’t it work for me, what else have I done wrong?
I enabled httpd.conf in the config “LoadModule ssl_module modules / mod_ssl.so”
and made an entry in httpd-vhosts.conf
"<VirtualHost *: 443>
DocumentRoot “C: /apache/mydomain.com/www”
ServerName mydomain.com
ServerAlias www.mydomain.com
ErrorLog “C: /apache/mydomain.com/error.log”
CustomLog “C: /apache/mydomain.com/access.log” common
SSLEngine on
SSLCertificateFile “C: /Apache/conf/mydomain.crt”
SSLCertificateKeyFile “C: /Apache/conf/mydomain.key”
SSLCipherSuite HIGH:! ANULL:! MD5
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
</ VirtualHost> "
What doesn't work? Are there error logs?
Is there a space between the colon and the 443 in your config?
error like only one “[ssl: warn] [pid 8760: tid 548] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]”
And so the Apache normally seems to be loading.
Here is what he writes on the test “https://www.gogetssl.com/check-ssl-installation/”
(http://prntscr.com/luj60u screenshot)
Please share your domain name.
There is a self signed expired certificate.
|CN=WIN-48CV3L5K98M |06.01.2018|08.07.2018expired| | --- | --- |
Looks like your vHost doesn't work, so the wrong content (empty - status 404, not found) and the wrong certificate is used.
A standard self signed certificate.
So check your Apache configuration files to find this certificate.
Please tell me where to look, where to dig?
Have you looked into this?:
but I watched the space where there is no
Please show your apache config files.
I don’t find
listen 443
anywhere in those files.
Add it below
listen 80
Are you sure that port 443 goes to this system?
Who is “WIN-48CV3L5K98M”?
Please show output of:
curl ifconfig.me
I've also already begun to doubt where it is driving me to port 443, when adding "listen 443" to the config, my apache displays an error
PS C:\Users\Администратор> wget ifconfig.me
StatusCode : 200
StatusDescription : OK
Content : 94.228.200.250
RawContent : HTTP/1.1 200 OK
x-cloud-trace-context: 20136985fc31e78be8f6885f20e5ae58/11591893127808886881;o=0
Access-Control-Allow-Origin: *
Content-Length: 14
Content-Type: text/plain; charset=utf-8
Date: Th…
Forms : {}
Headers : {[x-cloud-trace-context, 20136985fc31e78be8f6885f20e5ae58/11591893127808886881;o=0], [Access-Contro
l-Allow-Origin, *], [Content-Length, 14], [Content-Type, text/plain; charset=utf-8]…}
Images : {}
InputFields : {}
Links : {}
ParsedHtml : System.__ComObject
RawContentLength : 14