Binaries of Apache 2.0.61 for Windows with OpenSSL 0.9.8g (mod_ssl) and mod_deflate support
Binaries of Apache 2.2.6 are available here.
I wanted to compile Apache with SSL support, and found the instructions at http://www.devside.net/web/server/windows/apache-ssl-deflate very helpful, but I wanted to automate the process as much as possible.
So I created the makefile apache-2.0.61.mak. To use, you will need to have Cygwin (including flex), ActiveState Perl, an assembler (NTDDK or NASM), and MSVC 6.0 or later installed. Review the paths at the beginning of apache.mak, and modify as needed. Then, to compile Apache, simply type:
$ make -f apache-2.0.61.mak
To run apache with SSL support, you will need to stop any other services that are using port 80, or port 443. For example, if you have already have Apache running, type:
c:\> net stop apache2
Now start the SSL version of Apache:
C:\> C:/Program Files/Apache Group/Apache2\apache -D SSL
To test it, simply browse to https://127.0.0.1/. Since this is a self signed certificate, you will receive a message about an unknown certificate authority. Simply click 'Ok' and you should see Apache's standard welcome page.
Using httpd-2.0.61_zlib-1.2.3.patch, this version compiles using the latest version of zlib (1.2.3).
Binaries, and some example configuration files, are available in apache-2.0.61_openssl-0.9.8g.zip.
These include:
bin/libeay32.dll bin/openssl.exe bin/ssleay32.dll bin/openssl.cnf conf/httpd.conf conf/ssl.conf conf/ssl.crt/server.crt conf/ssl.key/server.key modules/mod_ssl.so modules/mod_deflate.so
To install, first download and install apache_2.0.61-win32-x86-no_ssl.msi.
Then unzip apache-2.0.61_openssl-0.9.8g.zip into the directory you installed Apache in (typically C:/Program Files/Apache Group/Apache2).
Note: The .so files are actually Win32 DLL executables, they just have the standard Linux file extension.
Other keywords: Apache2, binary, deflate, executables, mod_ssl, SSL, Win32
- ross's blog
- Login to post comments
Thank God someone opened this
Thank God someone opened this thread. I was pulling my hair trying to get things done. There isn't any other post related on the entire world wide web. Perhaps I should upgrade and get to date.
Eddie Petosa
How do you generate a self
How do you generate a self signed SSL certificate with OpenSSL? I'd like to create a few self-signed SSL certificates using OpenSSL. How can I accomplish this?
maryleen,
The steps to create a self-signed certificate are contained in the file http://smithii.com/files/apache-2.0.61.mak.
SSL alternatives
I wasn't such a big fan of SSL until I realized how important this certificate is for my business. I thought the process was gonna give me a lot of trouble but frankly it went really smooth. I recommend buying a ssl certificate for your site if you really want to offer the best there is to your customers.
I long for thee at heart.
passphrase in apache
hello..
i have install apache_2.0.61-win32-x86-no_ssl.msi and apache-2.0.61_openssl-0.9.8g.zip
in my pc. i also have use the pgp and md5 (which was in the zip).
But now i need the passphrase.bat.
How can i find it?
Thank you
laracroft_alex
I don't know of any passphrase.bat. I do know that the sample .key and .per files that are in the .zip file use the passphrase of 'aaaa', without quotes.
You should generate your own keys though. Please see How to generate OpenSSL keys for Apache for Windows for more information.
generate keys
Hello again! Thank you for your answers!I appreciate it very much..
I am sorry but i dont understand, for having ssl in my apache
i need to generate obligatory the keys(which the keys are the pgp and the
md5 in the zip?)?
And also in the code "How to generate OpenSSL keys for Apache for Windows"
the second one i put it on the end of httpd.conf file..
The first one where can i write it??
Thank you for answering me..
laracroft_alex,
Sorry, but I'm not sure what you need help with, exactly.
Could you please describe what you have done so far, and what you are stuck on?
Thanks,
Ross
thanks
Big thanks! Very helpful
---------
Download Duffy Mp3
apache-2.0.59_openssl-0.9.8d
Hello,
i want the PGP and the MD5 for apache-2.0.59_openssl-0.9.8d..
Thank you
laracroft_alex,
Here's how you can download and verify the integrity of any file in the http://smithii.com/files/ folder on my server:
thx
Thank you! I need it too!
the second one i put it on
the second one i put it on the end of httpd.conf file..
The first one where can i write it??
Thank you for answering me bet365 ?
apache-2.0.59_openssl-0.9.8d.zip
apache-2.0.59_openssl-0.9.8d.zip is not download...
why??
suh yong seon,
My bad. I reorganized my website, and broke this link. It's back up now. Thanks for the heads up,
Ross
Client authentication (SSLVerifyClient require)
Can you post some article about client authentication? If I set:
SSLVerifyClient require
then I got this error:
Certificate Verification: Error (20): unable to get local issuer certificate
I have searched the web for several hours, but couldn't find a solution. There were some similar problems reported, but its solutions didn't helped me. :(
Apache 2.0.58
Ross,
Do you have plans to re-compile to 2.0.58 ?
There is a mod_proxy + mod_ssl bug in 2.0.55 where you cannot post a form with > 8kB of CONTENT_LENGTH using mod_proxy over ssl. See http://www.apache.org/dist/httpd/CHANGES_2.0.58 ... mod_proxy_http:PR 37145.
This problem occurs on both your win32 binary as well as 2.0.55 on Linux. After re-compiling to 2.0.58 on Linux, we can you post well over 100kB using mod_proxy over ssl.
Crashes
I can generate a .csr with:
openssl req -config openssl.cnf -new -out my-server.csr
When I do the following, I get an error. Is there something special I need to enter when prompted for a pass phrase?
C:\Program Files\Apache Group\Apache2\bin>openssl rsa -in privkey.pem -out my-server.key
Enter pass phrase for privkey.pem:
unable to load Private Key
3588:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.\crypto\evp\evp_enc.c:454:
3588:error:0906A065:PEM routines:PEM_do_header:bad decrypt:.\crypto\pem\pem_lib.c:425:
Using Windows XP, Apache 2.0.54.
The bin directory is also in my Windows path.
You need to enter the same passphrase you used before
Otherwise, it will give you the cryptic (no pun intended) error message you are getting.
OK, I found out what I was mi
OK, I found out what I was missing...
The openssl.conf file contains a default passphrase of 'aaaa'.
As a helpful suggestion to Ross, you could:
a) make it bleedingly obvious in your tutorial doc that the default passphrase is aaaa, OR
b) remove 'aaaa' from the openssl.cnf that you supply, and amend your tutorial doco to show the passphrase being typed in when you generate a certificate request.
Other than that, I'm grateful you've supplied the binaries, and am now going to see if mod_jk2 will be nice enough to pass on SSL requests from Apache to JBoss/Tomcat.
but i didn't enter any passph
but i didn't enter any passphrase in the first place???
See http://tud.at/programm/apache-ssl-win32-howto.php3 and Step 3.
The first command works to generate a .csr, but the second command fails. What am I missing here?
Apache 2.0.54 + OpenSSL 0.9.8
I'm actually not a terrorist (surprise!) and after agreeing to the five checkboxes, I got the ZIP file ... but it has 0 bytes.
Is that just me?
I just tried it again with Firefox, works fine
Try a different browser, and make sure to disable any download accelerators, such as GetRight, FlashGet, etc.