Hi all.
I am very urgent of this actually.
I have already setup XAMPP 1.4.14 under winxp and want to have SSL support in my website.
However, I am lost on a lot of docs on openSSL and don't know what is the starting point of creating a CA, public/private key and do encryption and login right away...
I pledge for all you kind support on all openssl stuff...
Actually my questions are:
- how to setup openssl once download and extract XAMPP?
- what is the steps/processes and probably command on creating own CA, keys etc...
- how to make use of all this in client-server encryption process? Do I need to send them a public key? or can they just use the key once user surfs my web, using IE or firefox?
Again, any support will be very very very much appreciated!!!!! I have already search the forum but seems no idea....
Thank you in advance for all your HELP!!!!!!!!
starting point of OpenSSL
9 posts
• Page 1 of 1
starting point of OpenSSL
by alucard01 » 28. June 2005 18:19
- alucard01
- Posts: 122
- Joined: 15. May 2005 13:51
OpenSSL Starting point
by Clausen » 29. June 2005 22:59
Hi,
I have to say that I am not the absolute specialist and I have just set up my own XAMPP 1.4.14 (tried Linux and Windows) to have I private little Wiki using Mediawiki with encrypted communication between browser and server (hence - SSL). I am using a self certified certificate.
My steps to success:
1) Look on http://www.openssl.org/docs/HOWTO/. You will find "certificates.txt" and "keys.txt"
2) Open "keys.txt" and you will find how to create your RSA private key which you will need to create a certificate (remove the -des3 option as described to avoid having to provide a password every 2 secs):
openssl genrsa -out privkey.pem 2048
Rename the generated privkey.pem to mykey.key and move it to [XAMPPDIR]\apache\conf\ssl.key\
3) Now open "certificates.txt" and create a (self-)certificate according to the instructions:
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
You will need to provide some information which is not really important in a self certificate but if somebody accesses your site later on they will be able to see it, so don't be rude... The "Name" bit is probably best set to your domain name such as www.test.org
Rename the generated cacert.pem to mycert.crt and move it to [XAMPPDIR]\apache\conf\ssl.crt\
4) In XAMPP SSL is already enabled so you do not need to edit httpd.conf. edit [XAMPDIR]\apache\conf\ssl.conf.
Change
SSLCertificateFile "C:/Program Files/xampp/apache/conf/ssl.crt/server.crt"
to ...mycert.crt
and
SSLCertificateKeyFile "C:/Program Files/xampp/apache/conf/ssl.key/server.key"
to ...mykey.key
5) Restart XAMPP (either use Link in start menu or if installed as service restart service)
6) In your Browser try https://myserver and it should warn you about some "dodgy" certificate namely: yours.
7) Be aware that this is only a way of trying out SSL and I am not an expert so I might have missed important security issues... But it's fun!!
Ulf
I have to say that I am not the absolute specialist and I have just set up my own XAMPP 1.4.14 (tried Linux and Windows) to have I private little Wiki using Mediawiki with encrypted communication between browser and server (hence - SSL). I am using a self certified certificate.
My steps to success:
1) Look on http://www.openssl.org/docs/HOWTO/. You will find "certificates.txt" and "keys.txt"
2) Open "keys.txt" and you will find how to create your RSA private key which you will need to create a certificate (remove the -des3 option as described to avoid having to provide a password every 2 secs):
openssl genrsa -out privkey.pem 2048
Rename the generated privkey.pem to mykey.key and move it to [XAMPPDIR]\apache\conf\ssl.key\
3) Now open "certificates.txt" and create a (self-)certificate according to the instructions:
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
You will need to provide some information which is not really important in a self certificate but if somebody accesses your site later on they will be able to see it, so don't be rude... The "Name" bit is probably best set to your domain name such as www.test.org
Rename the generated cacert.pem to mycert.crt and move it to [XAMPPDIR]\apache\conf\ssl.crt\
4) In XAMPP SSL is already enabled so you do not need to edit httpd.conf. edit [XAMPDIR]\apache\conf\ssl.conf.
Change
SSLCertificateFile "C:/Program Files/xampp/apache/conf/ssl.crt/server.crt"
to ...mycert.crt
and
SSLCertificateKeyFile "C:/Program Files/xampp/apache/conf/ssl.key/server.key"
to ...mykey.key
5) Restart XAMPP (either use Link in start menu or if installed as service restart service)
6) In your Browser try https://myserver and it should warn you about some "dodgy" certificate namely: yours.
7) Be aware that this is only a way of trying out SSL and I am not an expert so I might have missed important security issues... But it's fun!!
Ulf
- Clausen
- Posts: 6
- Joined: 26. June 2005 13:53
by alucard01 » 30. June 2005 08:55
Thanks for your reply.
Very thanks for your information and it's very helpful.
I am already setup my SSL in apache, using your method, and it works perfectly.
Actually, what I do is to use CA key to encrypt information transaction.
and now I am dig into another issue that, instead of using CA, I would like to use another key which is for server only (Pls think in a way that CA and Server are different instance.)
Anyway, thanks for your information.
Very thanks for your information and it's very helpful.
I am already setup my SSL in apache, using your method, and it works perfectly.
Actually, what I do is to use CA key to encrypt information transaction.
and now I am dig into another issue that, instead of using CA, I would like to use another key which is for server only (Pls think in a way that CA and Server are different instance.)
Anyway, thanks for your information.
- alucard01
- Posts: 122
- Joined: 15. May 2005 13:51
help me..
by eyeshield86 » 15. March 2008 12:59
OpenSSL> req -new -x509 -key privkey.pem -out cacert.pem -days 1095
Unable to load config info from /usr/local/ssl/openssl.cnf
error in req
anyone can help me??? plzzz..
Unable to load config info from /usr/local/ssl/openssl.cnf
error in req
anyone can help me??? plzzz..
- eyeshield86
- Posts: 4
- Joined: 15. March 2008 12:45
- Location: malaysia
Re: help me..
by Milligan » 15. March 2008 13:19
Last edited by Milligan on 17. July 2008 05:42, edited 1 time in total.
- Milligan
- Posts: 136
- Joined: 03. March 2008 06:23
by eyeshield86 » 15. March 2008 14:39
Your command line in the quote above looks like it is being issued in Linux installation, is that correct?
rightly,i installed in windows..
and after i follow your instruction, i got this
OpenSSL> openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
openssl:Error: 'openssl' is an invalid command.
nway,thanx 4 ur reply
- eyeshield86
- Posts: 4
- Joined: 15. March 2008 12:45
- Location: malaysia
by eyeshield86 » 15. March 2008 14:46
and for addition, why i dont have "apache\conf\extra folder "?
p/s: i installed XAMPP 1.4.15
p/s: i installed XAMPP 1.4.15
- eyeshield86
- Posts: 4
- Joined: 15. March 2008 12:45
- Location: malaysia
by Wiedmann » 15. March 2008 16:26
why i dont have "apache\conf\extra folder "?
Your XAMPP version is to old...
OpenSSL> openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
openssl:Error: 'openssl' is an invalid command.
You must enter this command at the Windows command prompt (cmd.exe) and not starting "openssl.exe" with a doubleclick and then using this command.
- Wiedmann
- AF Moderator
- Posts: 17102
- Joined: 01. February 2004 12:38
- Location: Stuttgart / Germany
9 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 80 guests