Page 1 of 1

SSL Setup Using XAMMP

PostPosted: 23. February 2005 18:55
by whizadree
Hi has anyone got a step by step guide on how to create and install then test a SSL Cert using the SSL options supplied with XAMMP

Thanks

whiz

PostPosted: 24. February 2005 14:14
by petermu
Hi,
I'm looking for the same thing. I'm going to give it a try with the apache instructions, about halfway through in:
http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html
The openssl command is in apache/bin/

PostPosted: 24. February 2005 14:26
by petermu
I tried it a couple of times following different instructions and got:

unable to find 'distinguished_name' in config
problems making Certificate Request
4294192761:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or environment variable:.\crypto\conf\conf_lib.c:325:

when trying to create the .csr Certificate Request. Anybody got an idea?

PostPosted: 24. February 2005 15:57
by whizadree
Have you tried with the openssl ?

PostPosted: 24. February 2005 20:23
by jchapel
i'm getting ready to do this again with another domain.

I'm reading these again to help:
http://www.openssl.org/docs/HOWTO/certificates.txt
http://www.openssl.org/docs/HOWTO/keys.txt

Your problem is addressed here

http://www.openssl.org/support/faq.html#USER4

You will want to define the config file for openssl
openssl.exe req -config openssl.cnf -new -out ..\conf\ssl.csr\server.csr

You want to have your SSL vhost configured to answer port 443, you can test it with snakeoil.crt. I believe the default installation includes ssl.conf pre configured with snakeoil

Then it's basically: for a self signed certificate in RSA from apache/bin

to create key --> openssl.exe rsa -in privkey.pem -out ..\conf\ssl.key\server.key

to create --> openssl.exe x509 -in ..\conf\ssl.csr\server.csr -out ..\conf\ssl.crt\server.crt -req -signkey ..\conf\ssl.key\server.key -days 365

update ssl.conf and restart

Here is a bat file for windows that worked for me, edit filenames and run.

make_certificate.bat

PostPosted: 25. February 2005 01:26
by whizadree
Ok that batch file needed a lil editing on the download side of things and sorted that out , it ran ok but now how do i test it out :)

PostPosted: 25. February 2005 01:28
by whizadree
btw that would be a nice utility to add with future releases of the s/w

PostPosted: 25. February 2005 01:44
by jchapel
edited link should work better. I found that bat on the german side after much translation it's been around for a while now. Good to hear you got it working.

Testing it is easy, https://yourdomain.net. Getting your ssl.conf working may get tricky depending on your config. Check docs and search forum lot's of good info there.

PostPosted: 25. February 2005 15:14
by bobobo
or take following batch for keygeneration


put the following as generate_key.cmd in apache\bin directory
and open a console there.

"generate_key server 2000" generates a key named server valid for 2000 days after asking some questions about your config.


Code: Select all
@echo off
rem generate_key.cmd ServerName

if "%1"=="" goto anzeige

cd \xampp\apache\conf\ssl.key
\xampp\apache\bin\openssl genrsa 1024 > %1.key

rem MakeCertifikate ServerName days


cd \xampp\apache\conf\ssl.key
\xampp\apache\bin\openssl.exe req -config \xampp\apache\bin\openssl.cnf -new -x509 -days %2 -key %1.key -out \xampp\apache\conf\ssl.crt\%1.crt


rem ServerName steht bei mir immer für den Namen unter den ich das System im Browser später
rem erreichen möchte ( im Verzeichniss Server sind alle Virtuelles Server). Days steht
rem für den Gültigkeitszeitraum.
goto exit

:anzeige
echo.
echo              generate_key Keyname 2000
echo.
echo generates a key valid for 2000 Days
echo.
:exit
echo %1.key is located in \xampp\apache\conf\ssl.key\
echo %1.crt is located in  \xampp\apache\conf\ssl.crt\
echo openssl.conf may be to be tuned before
echo the actual key has the name server

cd \xampp\apache\bin

PostPosted: 25. February 2005 18:35
by whizadree
is it possible to run multiple domains with SSL and each have their own SSL CERT?

PostPosted: 28. February 2005 18:31
by bobobo
whizadree wrote:is it possible to run multiple domains with SSL and each have their own SSL CERT?


yes .. look into ssl.conf (in xampp/apache/conf) .. You have to create an own Section for each domain with an own domain doc_root and an own Key

BUT You can only assign 1 domain to the ssl-standard-port 443 .. further domains have further ssl-ports..