Solved

mod_ssl + apache_2.0.52-win32-x8x-no_ssl.msi

Posted on 2004-10-14
7
476 Views
Last Modified: 2012-08-13
ARGGHH  )(*#)@%(&@!!!
is mod_ssl + apache_2.0.52-win32-x8x-no_ssl.msi an oxymoron?
is SSL simply not compatble with this distribution...
I had taken it to mean that ssl wasn't included (probably for some cryptgraphic export restriction)
but i can't find anything specific as to how to set this up.  
somebody please start me in the right direction?
0
Comment
Question by:benk-master-flash
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 15

Assisted Solution

by:samri
samri earned 250 total points
ID: 12313524
0
 
LVL 15

Expert Comment

by:samri
ID: 12313526
0
 
LVL 9

Accepted Solution

by:
ronan_40060 earned 250 total points
ID: 12318485
For the detailed instructions on installing and configurating apache and mod_ssl and testing a certificate ^please follow
http://httpd.apache.org/docs/windows.html    
 http://tud.at/programm/apache-ssl-win32-howto.php3.
also check out
http://www.apache-ssl.org/#FAQ
and
http://www.modssl.org/docs/2.8/ssl_reference.html

The best link is
http://www.devside.net/web/server/windows/apache-ssl-deflate

as per insstructions
Download the following
Home : http://httpd.apache.org/
Package(win32 source) : httpd-2.0.50-win32-src.zip
Unpack as ...\httpd-2.0.50
Gawk, bison, flex, sed : can be downloaded as stand alone win32 ports from GnuWin32 or with the Cygwin environment.
GnuWin32 : http://gnuwin32.sourceforge.net/packages.html
Cygwin : http://cygwin.com/
[do not use UnxUtils]
Download zlib source code, use version 1.1.4, from : http://www.gzip.org/zlib/
Unpack as ...\httpd-2.0.50\srclib\zlib
[do not use zlib version 1.2.1, will break mod_deflate build process]
Download OpenSSL source code, latest version (0.9.7d), from : http://www.openssl.org/source/
Unpack as ...\httpd-2.0.50\srclib\ope

regards
Ronan
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:benk-master-flash
ID: 12330541
Well, I finally solved the problem, it was kind of by luck, but I will award points b/c some of the links did help.
I will post a more detailed description when I have more time on Monday
0
 
LVL 9

Expert Comment

by:ronan_40060
ID: 12330575
Glad to know that your problem has been solved
please do post the description

happy programming

bonweekend
Ronan
0
 

Author Comment

by:benk-master-flash
ID: 12334202
Here is a quick and dirty to Apache2 and SSL

1.  Apache2 must be compiled with SSL support... currently you CANNOT get a version for windows with SSL compiled in from www.apache.org.

2.  Get the right version from http://hunter.campbus.com/  and download Apache_2.0.52-Openssl_0.9.7d-Win32.zip.  EXTRACT it to c:/apache     (SAVE YOURSELF TROUBLE AND JUST PUT IT IN THAT LOCATION... the conf file is setup for that directory.

3.  The critical difference between all of the above tutorials and my solution is the following
copy the contents of the ssl.conf file into the httpd.conf file located in c:\apache\conf

make sure this line is uncommented    --    LoadModule ssl_module modules/mod_ssl.so
make sure this line is commented out  --    #<IfModule mod_ssl.c>
                                                              #    Include conf/ssl.conf
                                                              #</IfModule>

make sure this line is commented out    --   #NameVirtualHost *:80   (this can be relaxed later... but make sure ssl works first)

4. copy the entire contents of c:\apache\conf\ssl.conf to the end of you httpd.conf file

5. add the directory ssl so that you have c:\apache\conf\ssl
place the .cert or .crt  and .key files you have created into this directory

6. in the ssl conf part of your httpd.conf file change the SSLMutex  to  "SSLMutex  none"
(i'm not sure if this will entirely botch your security or not, but it was a critical step for me to make this work)

7. AddType application/x-x509-ca-cert .crt  the extension .crt must mactch what ever file is in your c:\apache\conf\ssl directory
so if you have .cert in therer it should be AddType application/x-x509-ca-cert .cert if you have .crt in the ssl directory, then you can leave it as is.

8.  SSLCertificateFile conf/ssl/fundsalary.cert --- again, this line should match what ever the extension is in c:\apache\conf\ssl

9. from the command line got to c:\apache\bin type apache -k install
then type apache -k start -D SSL
note the D must be capitalized.

hope this helps everybody.
0
 
LVL 3

Expert Comment

by:a122178
ID: 14436580
Thanks for benk-master-flash's suggestion.

I follow the instruction above. And the apache start up correctly. However if I go to https://localhost. The page cannot be displayed. I try http://localhost. It works fine.
So what is the reason. Please help~! My boss will kill me if I cannot do this.

Do I have to reinstall the apache after I have installed the ssl mod.

Thanks alot!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now