Thank you Faospark,
When running makecert.bat returns:
Could not find C: \ WINDOWS \ system32 \ .rnd
C: \ WINDOWS \ system32 \ privkey.pem could not be found
Could not find C: \ WINDOWS \ system32 \ server.csr
This is not a certificate authority certificate, so it can’t be imported into the certificate authority list.
joaopoa wrote:Thank you Faospark,
When running makecert.bat returns:
Could not find C: \ WINDOWS \ system32 \ .rnd
C: \ WINDOWS \ system32 \ privkey.pem could not be found
Could not find C: \ WINDOWS \ system32 \ server.csr
@echo off
set OPENSSL_CONF=./conf/openssl.cnf
if not exist .\conf\ssl.crt mkdir .\conf\ssl.crt
if not exist .\conf\ssl.key mkdir .\conf\ssl.key
bin\openssl req -new -out server.csr
bin\openssl rsa -in privkey.pem -out server.key
bin\openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365 -extfile v3.ext
set OPENSSL_CONF=
del .rnd
del privkey.pem
del server.csr
move /y server.crt .\conf\ssl.crt
move /y server.key .\conf\ssl.key
echo.
echo -----
echo Das Zertifikat wurde erstellt.
echo The certificate was provided.
echo.
pause
Nobbie wrote:TomXampp wrote:And, if you truly want to help, you could simply set up your localhost for https and then find the solution using openssl, which is the provided method for making ssl certificates with XAMPP. That would be a truly helpful response.
I am not interested in that issue and neither want to help on it, as i cannot find any use. I am simply a user of Xampp and i simply dont need https on localhost. Why should i waste my time to solve your private problem, which isnt a Xampp problem anyway? Its also a well known problem, that Google and Chrome have their own understanding of security, if you dont like it, simply use another browser, at least a very helpfull hint in my mind. I am not interested to go any deeper in this problem.
ntapache wrote:[qurote="Nobbie"]
It's arrogant people like you that have nothing better to add than negativity. If that is your game, good luck with that[
@echo off
REM This is setEnvironmentVariables.bat
REM
REM This file sets environment variables needed in the A.BAT and B.BAT routines
REM It also writes configurations to a configuration file,
REM by default named config.cnf below (change if desired)
REM
REM A.BAT and B.BAT both call this batch file.
REM
REM Default names are provided for the first 5 variables;
REM you *must* provide something to replace the {{XYZ}} variables that follow.
REM
REM Also, in the A.BAT and B.BAT files, replace "foobar" with an original passphrase
set CAFILE=myCA
set CN=localhost
set CONFIG=config.cnf
set HOSTFILE=myLocalhost
REM Notice that %EXTFILE% requires that %HOSTFILE% be defined before it is defined!
set EXTFILE=%HOSTFILE%.ext
set COUNTRY={{MyCountry}}
set STATE={{MyState}}
set LOCALITY={{MyCity}}
set ORGANIZATION={{MyOrganization}}
set ORGANIZATIONALUNIT={{MyDepartment}}
set EMAIL={{MyEmail}}
REM Write configurations to the config file:
echo [req]> %CONFIG%
echo distinguished_name = req_distinguished_name>> %CONFIG%
echo x509_extensions = v3_req>> %CONFIG%
echo prompt = no>> %CONFIG%
echo [req_distinguished_name]>> %CONFIG%
echo C = %COUNTRY%>> %CONFIG%
echo ST = %STATE%>> %CONFIG%
echo L = %LOCALITY%>> %CONFIG%
echo O = %ORGANIZATION%>> %CONFIG%
echo OU = %ORGANIZATIONALUNIT%>> %CONFIG%
echo CN = %CN%>> %CONFIG%
echo emailAddress = %EMAIL%>> %CONFIG%
echo [v3_req]>> %CONFIG%
echo basicConstraints=CA:TRUE,pathlen:0>> %CONFIG%
echo subjectKeyIdentifier = hash>> %CONFIG%
echo authorityKeyIdentifier = keyid,issuer>> %CONFIG%
echo subjectAltName = @alt_names>> %CONFIG%
echo [alt_names]>> %CONFIG%
echo DNS.1 = %CN%>> %CONFIG%
echo DNS.2 = 127.0.0.1>> %CONFIG%
@echo off
REM This is unsetEnvironmentVariables.bat
set CAFILE=
set CN=
set CONFIG=
set HOSTFILE=
set EXTFILE=
set COUNTRY=
set STATE=
set LOCALITY=
set ORGANIZATION=
set ORGANIZATIONALUNIT=
set EMAIL=
@echo off
rem This is A.BAT
cls
echo.
echo setEnvironmentVariables.bat is assumed to have been edited!
call setEnvironmentVariables
echo.
echo Creating CA KEY file...
echo.
openssl genrsa -des3 -passout pass:foobar -out %CAFILE%.key 2048
echo.
echo Creating CA PEM file...
echo.
openssl req -passin pass:foobar -x509 -new -nodes -key %CAFILE%.key -sha256 -days 3650 -config %CONFIG% -out %CAFILE%.pem
echo.
echo Next, register the %CAFILE%.PEM file with Windows and Firefox, then run b.bat.
echo Press any key to continue to instructions.
echo.
pause
cls
echo.
echo In Windows:
echo.
echo * Run Winkey-^>MMC
echo * File -^> Add/Remove Snap-in... (Ctrl^+M)
echo * Under "Available snap-ins", click "Certificates"
echo * Click [Add] button; a modal dialog window will appear
echo * Select "Computer Account" radio button and click [Next] button
echo * Local Computer should be selected in next window; click [Finish] button
echo * Click [OK] back on "Add or Remove Snap-ins" modal window
echo * Expand "Certificates" under "Console Root" in left pane
echo * Expand "Trusted Root Certificates"
echo * Right-click "Certificates" in folder below
echo * Select "All Tasks" -^> Import...
echo * Click [Next] and then browse to select the PEM file created by this batch file routine
echo * In following prompts, place PEM certificate in Trusted Root Certification Authorities Store
echo.
echo Press any key to continue to instructions for adding the PEM to Firefox.
pause
echo.
cls
echo In Firefox:
echo.
echo * Go to "about:preferences" in URL
echo * Search for "certificates"
echo * Click on [View Certificates]
echo * Click on "Authorities" tab
echo * Click on "Imports"
echo * Import the PEM file, checking all boxes to trust the certificate
echo * Click [OK] and you're done
echo.
echo When finished with this, run b.bat and follow its instructions at the end.
echo.
call unsetEnvironmentVariables
@echo off
rem This is B.BAT
cls
echo.
echo setEnvironmentVariables.bat is assumed to have been edited!
call setEnvironmentVariables
echo.
echo Creating localhost KEY file
openssl genrsa -out %HOSTFILE%.key 2048
echo.
echo.
echo Creating localhost CSR file
openssl req -new -key %HOSTFILE%.key -out %HOSTFILE%.csr -config %CONFIG%
echo.
echo.
echo Writing EXTFILE for last routine...
echo.
echo authorityKeyIdentifier=keyid,issuer > %EXTFILE%
echo basicConstraints=CA:FALSE >> %EXTFILE%
echo keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment >> %EXTFILE%
echo subjectAltName = @alt_names >> %EXTFILE%
echo.>> %EXTFILE%
echo [alt_names] >> %EXTFILE%
echo DNS.1 = %CN% >> %EXTFILE%
echo DNS.2 = 127.0.0.1 >> %EXTFILE%
echo.
echo Writing localhost CRT file
echo.
openssl x509 -req -passin pass:foobar -in %HOSTFILE%.csr -CA %CAFILE%.pem -CAkey %CAFILE%.key -CAcreateserial -out %HOSTFILE%.crt -days 3650 -sha256 -extfile %EXTFILE%
echo.
echo.
echo Next, edit Windows HOST and HTTPD-VHOSTS.CONF and copy files to Xampp/Apache.
echo Press any key to continue to instructions.
echo.
pause
cls
echo.
echo * Edit C:\Windows\System32\drivers\etc\hosts to include the localhost name specified in the PEM
echo * Edit C:\xampp\apache\conf\extra\httpd-vhosts.conf to include the localhost name specified in the PEM
echo * Copy the .KEY file created by this routine to C:\xampp\apache\conf\ssl.key
echo * Copy the .CRT file created by this routine to C:\xampp\apache\conf\ssl.crt
echo * Restart Xampp/Apache and you're done.
call unsetEnvironmentVariables
setEnvironmentVariables.bat is assumed to have been edited!
'setEnvironmentVariables' is not recognized as an internal or external command,
operable program or batch file.
Creating CA KEY file...
Generating RSA private key, 2048 bit long modulus
................................+++
...................+++
e is 65537 (0x10001)
Creating CA PEM file...
unknown option .pem
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-out arg output file
-text text form of request
-pubkey output public key
-noout do not output REQ
-verify verify signature on REQ
-modulus RSA modulus
-nodes don't encrypt the output key
-engine e use engine e, possibly a hardware device
-subject output the request's subject
-passin private key password source
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file;file;...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'
-newkey ec:file generate a new EC key, parameters taken from CA in 'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)
-config file request template file.
-subj arg set or modify request subject
-multivalue-rdn enable support for multivalued RDNs
-new new request.
-batch do not ask anything during request generation
-x509 output a x509 structure instead of a cert. req.
-days number of days a certificate generated by -x509 is valid for.
-set_serial serial number to use for a certificate generated by -x509.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in config file)
-reqexts .. specify request extension section (override value in config file)
-utf8 input characters are UTF8 (default ASCII)
-nameopt arg - various certificate name options
-reqopt arg - various request text options
Next, register the .PEM file with Windows and Firefox, then run b.bat.
Press any key to continue to instructions.
Press any key to continue . . .
example.test
static.example.test
es.example.test
fr.example.test
example2.test
static.example2.test
es.example2.test
fr.example2.test
<VirtualHost example.test:443>
DocumentRoot "E:/home/example/public_html"
ServerName example.test
ServerAlias *.example.test example.test
SSLEngine on
SSLCertificateFile "crt/example.test/example_server.crt"
SSLCertificateKeyFile "crt/example.test/example_server.key"
<Directory "E:/home/example/public_html">
AllowOverride All
Options All
Require all granted
</Directory>
</VirtualHost>
Users browsing this forum: No registered users and 113 guests