How to add subjectAltName values to server.crt?

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Re: How to add subjectAltName values to server.crt?

Postby joaopoa » 28. April 2017 19:22

Thank you Faospark,
When running makecert.bat returns:
Could not find C: \ WINDOWS \ system32 \ .rnd
C: \ WINDOWS \ system32 \ privkey.pem could not be found
Could not find C: \ WINDOWS \ system32 \ server.csr
joaopoa
 
Posts: 2
Joined: 28. April 2017 19:13
XAMPP version: 3.2.2
Operating System: win 10

Re: How to add subjectAltName values to server.crt?

Postby joaopoa » 28. April 2017 19:27

TomXampp,
I solved firefox by simply importing server.crt, in advanced -> authorities -> import
But I still fight with the chrome ...
joaopoa
 
Posts: 2
Joined: 28. April 2017 19:13
XAMPP version: 3.2.2
Operating System: win 10

Re: How to add subjectAltName values to server.crt?

Postby TomXampp » 28. April 2017 21:48

When I try to import the certificate into the Authorities group in Firefox, I receive the following error message:

Code: Select all
This is not a certificate authority certificate, so it can’t be imported into the certificate authority list.


This certificate is generated following Faospark's method, and it is recognized by Chrome, Opera, and IE.
TomXampp
 
Posts: 51
Joined: 12. March 2015 03:58
Operating System: Windows 8.1

Re: How to add subjectAltName values to server.crt?

Postby faospark » 28. April 2017 23:25

in firefox in my case just open the site on the browser and recieve the warning click the advance tab then click add the exception. a dialogbox would open. click the security excemption button. then you get your greenicon lock icon back.
this is for firefox version 53
User avatar
faospark
 
Posts: 11
Joined: 07. March 2017 11:40
XAMPP version: 7.1.1
Operating System: windows 10

Re: How to add subjectAltName values to server.crt?

Postby faospark » 28. April 2017 23:31

joaopoa wrote:Thank you Faospark,
When running makecert.bat returns:
Could not find C: \ WINDOWS \ system32 \ .rnd
C: \ WINDOWS \ system32 \ privkey.pem could not be found
Could not find C: \ WINDOWS \ system32 \ server.csr


double check your makecert.bat file. make sure to use the local one that is found on your xamp->apache installation. its more likely a case of it specifying the .rnd file and server.csr file on a different location.
here is the full code of my makecert.bat

Code: Select all
@echo off
set OPENSSL_CONF=./conf/openssl.cnf

if not exist .\conf\ssl.crt mkdir .\conf\ssl.crt
if not exist .\conf\ssl.key mkdir .\conf\ssl.key

bin\openssl req -new -out server.csr
bin\openssl rsa -in privkey.pem -out server.key
bin\openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365 -extfile v3.ext

set OPENSSL_CONF=
del .rnd
del privkey.pem
del server.csr

move /y server.crt .\conf\ssl.crt
move /y server.key .\conf\ssl.key

echo.
echo -----
echo Das Zertifikat wurde erstellt.
echo The certificate was provided.
echo.
pause
User avatar
faospark
 
Posts: 11
Joined: 07. March 2017 11:40
XAMPP version: 7.1.1
Operating System: windows 10

Re: How to add subjectAltName values to server.crt?

Postby mikado » 28. September 2017 14:10

Thank you @faospark !!
Was getting ERR_SSL_SERVER_CERT_BAD_FORMAT error on localhost after Chrome 61 update, getting a v3 certificate is indeed the fix as seen here : https://bugs.chromium.org/p/chromium/issues/detail?id=715969#c23

Your instructions fixes ! Kudos !
mikado
 
Posts: 1
Joined: 28. September 2017 14:03
XAMPP version: 3.2.2
Operating System: windows 10

Re: How to add subjectAltName values to server.crt?

Postby WebDevBooster » 14. November 2017 04:26

After following @faospark's instructions from this post:
https://community.apachefriends.org/viewtopic.php?p=256428&sid=57f424751a8e46e0cb39a7ef1f4d52cf#p256489
Here's what I did to install the generated certificate:
double click the server.crt file in C:\xampp\apache\conf\ssl.crt

Then click "install certificate", follow the steps,
select "Place all certificates in the following store"
and select "Trusted Root Certification Authorities".
Restart Apache and you're done.

The certificate works in Chrome, Opera and Edge.
So, no need to import it into those browsers individually.
WebDevBooster
 
Posts: 1
Joined: 14. November 2017 03:59
XAMPP version: 3.2.2
Operating System: Windows 10

Previous

Return to XAMPP for Windows

Who is online

Users browsing this forum: Network Semi-pro19 and 57 guests