Posted on

Windows – Enable SSL for Apache

How to enable SSL for an Apache web server?

1. Create a certificate and key, using keytool and openssl

Create a keystore (.jks) file:

keytool -genkey -alias rolf -keyalg RSA -keystore rolf.jks -keysize 2048

Create a pfx (.p12) file:

keytool -importkeystore -srckeystore rolf.jks -destkeystore rolf.p12 -deststoretype PKCS12

Start openssl and generate .key- and .crt files:

OpenSSL> pkcs12 -in rolf.p12 -nocerts -out rolf.org.key
OpenSSL> pkcs12 -in rolf.p12 -clcerts -nokeys -out rolf.crt

Remove the private keyphrase from the .key file:

OpenSSL> rsa -in rolf.org.key -out rolf.key

2. Update the httpd.conf file

Enable mod_ssl.so (uncomment the next line):

LoadModule ssl_module modules/mod_ssl.so

Include the SSL config file (add the following line):

Include conf/extra/httpd-ssl.conf

3. Update the httpd-ssl.conf file

Disable the cache:

#   Inter-Process Session Cache:
#   Configure the SSL Session Cache: First the mechanism 
#   to use and second the expiring timeout (in seconds).
#SSLSessionCache        "dbm:c:/Apache24/logs/ssl_scache"
#SSLSessionCache        "shmcb:c:/Apache24/logs/ssl_scache(512000)"
#SSLSessionCacheTimeout 300

Add the location of the .key and .crt files:

#SSLCertificateFile "c:/Apache24/conf/server.crt"
SSLCertificateFile "C:/.../apache/conf/rolf.crt"
# SSLCertificateKeyFile "c:/Apache24/conf/server.key"
SSLCertificateKeyFile "C:/.../apache/conf/rolf.key"

Disable per-server logging:

#   Per-Server Logging:
#   The home of a custom SSL log file. Use this when you want a
#   compact non-error SSL logfile on a virtual host basis.
#CustomLog "c:/Apache24/logs/ssl_request.log" \
#          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Disable PassPhraseDialog:

#   Pass Phrase Dialog:
#   Configure the pass phrase gathering process.
#   The filtering dialog program (`builtin' is an internal
#   terminal dialog) has to provide the pass phrase on stdout.
#SSLPassPhraseDialog  builtin

4. PHP OpenSSL extension not working (TYPO3)

Activate the PHP module openssl in php.ini

extension=php_openssl.dll

Add an environment variable “OPENSSL_CONF” with value:

C:\...\apache\conf\openssl.cnf

Add to the PATH environment variable:

C:\...\apache\bin

Restart the webserver.

5. Resource

http://stackoverflow.com/questions/23754996/php-openssl-extension-not-working-while-install-typo3-6-2-2-on-window7

Posted on

Windows – Symbolic links

How to create a Symbolic Link in Windows 7?

Open the command prompt and type:

C:\Copy>mklink /D stuff "C:\Users\rvgelder\Desktop\my stuff\stuff"
symbolic link created for stuff <<===>> C:\Users\rvgelder\Desktop\my stuff\stuff

This creates a symbolic link in the C:\Copy directory pointing at a folder named ‘my stuff\stuff’, located at the desktop.

How to remove a Symbolic Link?

rmdir stuff