Alpha Space -> Computers -> Configuring Apache with SSL

Configuring Apache 2.2.x with SSL

1 Basic (Optional)

• Edit the following directives and tags in APACHE_HOME/conf/httpd.conf,

  ServerRoot, ServerAdmin, ServerName, DocumentRoot, 
  <Directory %DocumentRoot%>, DirectoryIndex, ScriptAlias /cgi-bin/, 
  <Directory %cgi-bin%>

• Uncomment the following line,

  Include conf/extra/httpd-manual.conf

• Edit the directory in APACHE_HOME/conf/extra/httpd-manual.conf

2 Creating a RSA private key

Usually a key can be created by one of the following two commands,

    openssl genrsa -des3 -out server.key
    openssl genrsa -out server.key

The -des3 option is used to protect the key by a password, but win32 platform doesn't support encrypted keys. The following error will be generated if you try to start Apache, "SSLPassPhraseDialog builtin is not supported on Win32"

3 Creating a self-signed certificate

Find openssl.cnf (OpenSSL configuration file) at "openssl\apps" directory of OpenSSL source code.

    openssl req -config openssl.cnf -new -x509 -key server.key -out 
        server.crt -days 365

4 Editing APACHE_HOME/conf/httpd.conf

Uncomment the following lines,

    LoadModule ssl_module modules/mod_ssl.so
    Include conf/extra/httpd-ssl.conf

5 Editing conf/extra/httpd-ssl.conf

• Change directive SSLMutex to default
• Edit the following directives (Optional),

  DocumentRoot, ServerName, ServerAdmin, ErrorLog, TransferLog, 
  SSLCertificateFile, SSLCertificateKeyFile