DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 

Binaries of Apache 2.0.61 for Windows with OpenSSL 0.9.8g (mod_ssl) and mod_deflate support

Binaries of Apache 2.2.6 are available here.

I wanted to compile Apache with SSL support, and found the instructions at http://www.devside.net/web/server/windows/apache-ssl-deflate very helpful, but I wanted to automate the process as much as possible.

So I created the makefile apache-2.0.61.mak. To use, you will need to have Cygwin (including flex), ActiveState Perl, an assembler (NTDDK or NASM), and MSVC 6.0 or later installed. Review the paths at the beginning of apache.mak, and modify as needed. Then, to compile Apache, simply type:

$ make -f apache-2.0.61.mak

To run apache with SSL support, you will need to stop any other services that are using port 80, or port 443. For example, if you have already have Apache running, type:

c:\> net stop apache2

Now start the SSL version of Apache:

C:\> C:/Program Files/Apache Group/Apache2\apache -D SSL

To test it, simply browse to https://127.0.0.1/. Since this is a self signed certificate, you will receive a message about an unknown certificate authority. Simply click 'Ok' and you should see Apache's standard welcome page.

Using httpd-2.0.61_zlib-1.2.3.patch, this version compiles using the latest version of zlib (1.2.3).

Binaries, and some example configuration files, are available in apache-2.0.61_openssl-0.9.8g.zip.

These include:

bin/libeay32.dll
bin/openssl.exe
bin/ssleay32.dll
bin/openssl.cnf
conf/httpd.conf
conf/ssl.conf
conf/ssl.crt/server.crt
conf/ssl.key/server.key
modules/mod_ssl.so
modules/mod_deflate.so

To install, first download and install apache_2.0.61-win32-x86-no_ssl.msi.

Then unzip apache-2.0.61_openssl-0.9.8g.zip into the directory you installed Apache in (typically C:/Program Files/Apache Group/Apache2).

Note: The .so files are actually Win32 DLL executables, they just have the standard Linux file extension.

Other keywords: Apache2, binary, deflate, executables, mod_ssl, SSL, Win32

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Thank God someone opened this

Thank God someone opened this thread. I was pulling my hair trying to get things done. There isn't any other post related on the entire world wide web. Perhaps I should upgrade and get to date.
Eddie Petosa

How do you generate a self

How do you generate a self signed SSL certificate with OpenSSL? I'd like to create a few self-signed SSL certificates using OpenSSL. How can I accomplish this?

maryleen,

The steps to create a self-signed certificate are contained in the file http://smithii.com/files/apache-2.0.61.mak.

SSL alternatives

I wasn't such a big fan of SSL until I realized how important this certificate is for my business. I thought the process was gonna give me a lot of trouble but frankly it went really smooth. I recommend buying a ssl certificate for your site if you really want to offer the best there is to your customers.

I long for thee at heart.

passphrase in apache

hello..
i have install apache_2.0.61-win32-x86-no_ssl.msi and apache-2.0.61_openssl-0.9.8g.zip
in my pc. i also have use the pgp and md5 (which was in the zip).
But now i need the passphrase.bat.
How can i find it?
Thank you

laracroft_alex

I don't know of any passphrase.bat. I do know that the sample .key and .per files that are in the .zip file use the passphrase of 'aaaa', without quotes.

You should generate your own keys though. Please see How to generate OpenSSL keys for Apache for Windows for more information.

generate keys

Hello again! Thank you for your answers!I appreciate it very much..
I am sorry but i dont understand, for having ssl in my apache
i need to generate obligatory the keys(which the keys are the pgp and the
md5 in the zip?)?
And also in the code "How to generate OpenSSL keys for Apache for Windows"
the second one i put it on the end of httpd.conf file..
The first one where can i write it??
Thank you for answering me..

laracroft_alex,

Sorry, but I'm not sure what you need help with, exactly.

Could you please describe what you have done so far, and what you are stuck on?

Thanks,

Ross

thanks

Big thanks! Very helpful

---------
Download Duffy Mp3

apache-2.0.59_openssl-0.9.8d

Hello,
i want the PGP and the MD5 for apache-2.0.59_openssl-0.9.8d..
Thank you

laracroft_alex,

Here's how you can download and verify the integrity of any file in the http://smithii.com/files/ folder on my server:

$ gpg --keyserver hkp://subkeys.pgp.net --recv-key 0x5EE28EE8
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: requesting key 5EE28EE8 from hkp server subkeys.pgp.net
gpg: key 5EE28EE8: "Ross R. Smith II <ross hat smithii.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

$ wget -q -O apache-2.0.59_openssl-0.9.8d.zip 'http://smithii.com/ross/download.php?file=apache-2.0.59_openssl-0.9.8d.zip&cb1=&submit='

$ wget -q http://smithii.com/files/md5sum.txt

$ wget -q http://smithii.com/files/md5sum.txt.asc

$ gpg --verify md5sum.txt.asc md5sum.txt
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: Signature made Tue Oct 30 10:05:51 2007 PDT using DSA key ID 5EE28EE8
gpg: Good signature from "Ross R. Smith II <ross hat smithii.com>"

$ grep apache-2.0.59_openssl-0.9.8d.zip md5sum.txt | md5sum -c -
apache-2.0.59_openssl-0.9.8d.zip: OK

thx

Thank you! I need it too!

the second one i put it on

the second one i put it on the end of httpd.conf file..
The first one where can i write it??
Thank you for answering me bet365 ?

apache-2.0.59_openssl-0.9.8d.zip

apache-2.0.59_openssl-0.9.8d.zip is not download...

why??

suh yong seon,

My bad. I reorganized my website, and broke this link. It's back up now. Thanks for the heads up,

Ross

Client authentication (SSLVerifyClient require)

Can you post some article about client authentication? If I set:

SSLVerifyClient require

then I got this error:

Certificate Verification: Error (20): unable to get local issuer certificate

I have searched the web for several hours, but couldn't find a solution. There were some similar problems reported, but its solutions didn't helped me. :(

Apache 2.0.58

Ross,

Do you have plans to re-compile to 2.0.58 ?

There is a mod_proxy + mod_ssl bug in 2.0.55 where you cannot post a form with > 8kB of CONTENT_LENGTH using mod_proxy over ssl. See http://www.apache.org/dist/httpd/CHANGES_2.0.58 ... mod_proxy_http:PR 37145.

This problem occurs on both your win32 binary as well as 2.0.55 on Linux. After re-compiling to 2.0.58 on Linux, we can you post well over 100kB using mod_proxy over ssl.

Crashes

I can generate a .csr with:
openssl req -config openssl.cnf -new -out my-server.csr

When I do the following, I get an error. Is there something special I need to enter when prompted for a pass phrase?

C:\Program Files\Apache Group\Apache2\bin>openssl rsa -in privkey.pem -out my-server.key
Enter pass phrase for privkey.pem:
unable to load Private Key
3588:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.\crypto\evp\evp_enc.c:454:
3588:error:0906A065:PEM routines:PEM_do_header:bad decrypt:.\crypto\pem\pem_lib.c:425:

Using Windows XP, Apache 2.0.54.
The bin directory is also in my Windows path.

You need to enter the same passphrase you used before

Otherwise, it will give you the cryptic (no pun intended) error message you are getting.

OK, I found out what I was mi

OK, I found out what I was missing...

The openssl.conf file contains a default passphrase of 'aaaa'.

As a helpful suggestion to Ross, you could:

a) make it bleedingly obvious in your tutorial doc that the default passphrase is aaaa, OR

b) remove 'aaaa' from the openssl.cnf that you supply, and amend your tutorial doco to show the passphrase being typed in when you generate a certificate request.

Other than that, I'm grateful you've supplied the binaries, and am now going to see if mod_jk2 will be nice enough to pass on SSL requests from Apache to JBoss/Tomcat.

but i didn't enter any passph

but i didn't enter any passphrase in the first place???

See http://tud.at/programm/apache-ssl-win32-howto.php3 and Step 3.

The first command works to generate a .csr, but the second command fails. What am I missing here?

Apache 2.0.54 + OpenSSL 0.9.8

I'm actually not a terrorist (surprise!) and after agreeing to the five checkboxes, I got the ZIP file ... but it has 0 bytes.

Is that just me?

I just tried it again with Firefox, works fine

Try a different browser, and make sure to disable any download accelerators, such as GetRight, FlashGet, etc.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 
Special thanks to Riester Rente Online for a generous donation!