Windows and Apache

qrazyneo · August 13, 2019, 2:07am

Hello.

I use xampp / apache on windows.

Certbot does not seem to have been built for windows / apache. Can you give me another suggestion on how to get started with lets encrypt? It does not feel safe to choose a third party for this or maybe you have some trusted partners?

Best regards.

_az · August 13, 2019, 2:16am

Certbot is not yet officially available for Windows, but will be in the future.

I don’t think there is an officially blessed Windows client.

There is a list of Windows clients here: https://letsencrypt.org/docs/client-options/#clients-windows-/-iis

I’ve seen people successfully using most of those listed clients.

qrazyneo · August 13, 2019, 2:32am

Hi az, thanks for your reply.

But when I use the other clients, where are the keys and certificates created? Is that part still happening at Lets Encrypt, or is it a conversation between me and the third parties?

It is not good if I use a bad client and keys end up in the wrong hands

_az · August 13, 2019, 2:39am

That is a valid concern.

However, all of those clients are completely open source, so you can always verify that they are not sending your private keys anywhere. (And none of them do, as far as I know).

You can, of course, try to run Certbot on Windows via Python. It does work to some extent, but probably not with all of the functionality you need (such as automatically configuring Apache).

It’s better to stick to the other Windows choices for now.

qrazyneo · August 13, 2019, 11:11am

Is it possible to request a certificate from lets encrypt server directly and handle thing manually?

Best regards

_az · August 13, 2019, 11:22am

Those clients do request a certificate from the Let’s Encrypt server directly

But no, you can’t do it without a client. You need one to perform all of the cryptographic operations required by the ACME protocol.

qrazyneo · August 13, 2019, 12:21pm

Hello az.

Okey, I understand.

So this workes now for one of my websites. I generated and downloaded some files direct from zero ssl’s online tools. Then I made some updates in my apache ssl config file. However, this process is just for one website, what if I want to host multiple websites om my server.

Can I have a certificate that covers the entire server and all the websites in it? Or do I have to make a new request for each website and also add each website in my ssl config file?

What solutions are there and what do you suggest?

Best regards

orangepizza · August 13, 2019, 1:05pm

you can do as you want, but LE only allows up to 100 names in a single certificate.

system · September 12, 2019, 1:05pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Will it be possible to get a cert for Windows with Apache2 running? Server	9	9112	June 17, 2016
Kudos for your product Praise	3	558	August 16, 2022
Proving ownership on Windows / Apache Server	4	4109	October 9, 2017
An error with ssl Help	3	196	April 2, 2024
How to request (not necessarily install) an SSL certificate for a website running under Windows on a server using Apache Help	29	2728	November 30, 2021

Windows and Apache

Related topics