OpenSSL
Binaries of Apache 2.2.6 for Windows with OpenSSL 0.9.8g (mod_ssl) and mod_deflate support
Submitted by ross on Wed, 11/21/2007 - 10:00UPDATE: Apache now officially includes openssl support. See http://www.apache.org/dist/httpd/binaries/win32/.
I wanted to compile Apache with SSL support, and found the instructions at http://www.devside.net/web/server/windows/apache-ssl-deflate very helpful, but I wanted to automate the process as much as possible.
So I created the makefile apache.mak. To use, you will need to have Cygwin (including flex), ActiveState Perl, an assembler (at least MASM 8.0, I haven't tried NASM), and MSVC 6.0 or later installed. Review the paths at the beginning of apache.mak, and modify as needed. Then, to compile Apache, simply type:$ make -f apache.makThe binaries are available here.
How to generate OpenSSL keys for Apache for Windows
Submitted by ross on Wed, 10/31/2007 - 20:09I recently downloaded http://www.apache.org/dist/httpd/binaries/win32/apache_2.2.6-win32-x86-openssl-0.9.8e.msi from http://www.apache.org/dist/httpd/binaries/win32/, but found no easy way to generate the proper OpenSSL keys, to use the HTTPS protocol, so I wrote this little script:
@echo off if not defined apache_dir set apache_dir=C:\Program Files\Apache Software Foundation\Apache2.2 if not defined apache_conf_dir set apache_conf_dir=%apache_dir%\conf if not defined openssl_conf set openssl_conf=%apache_conf_dir%\openssl.cnf if not defined openssl_opts set openssl_opts=-config "%openssl_conf%" if not defined openssl set openssl=%apache_dir%\bin\openssl.exe if not exist "%apache_dir%" ( echo Directory not found: "%apache_dir%" goto :eof ) if not exist "%apache_conf_dir%" ( echo Directory not found: "%apache_conf_dir%" goto :eof ) if not exist "%openssl_conf%" ( echo File not found: "%openssl_conf%" goto :eof ) if not exist "%openssl%" ( echo File not found: "%openssl%" goto :eof ) pushd "%apache_conf_dir%" "%openssl%" req %openssl_opts% -new -out server.csr || goto :eof "%openssl%" rsa -in privkey.pem -out server.key || goto :eof "%openssl%" x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 popd
then I added the following to the end of my httpd.conf, and I was off an running:
LoadModule ssl_module modules/mod_ssl.so <IfModule ssl_module> Listen 443 NameVirtualHost *:443 SSLRandomSeed startup builtin SSLRandomSeed connect builtin AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache "shmcb:C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"
- ross's blog
- Login to post comments
- Read more
Binaries of Apache 2.0.61 for Windows with OpenSSL 0.9.8g (mod_ssl) and mod_deflate support
Submitted by ross on Sat, 11/10/2007 - 06:30Binaries of Apache 2.2.6 are available here.
I wanted to compile Apache with SSL support, and found the instructions at http://www.devside.net/web/server/windows/apache-ssl-deflate very helpful, but I wanted to automate the process as much as possible.
So I created the makefile apache-2.0.61.mak. To use, you will need to have Cygwin (including flex), ActiveState Perl, an assembler (NTDDK or NASM), and MSVC 6.0 or later installed. Review the paths at the beginning of apache.mak, and modify as needed. Then, to compile Apache, simply type:
$ make -f apache-2.0.61.mak
To run apache with SSL support, you will need to stop any other services that are using port 80, or port 443. For example, if you have already have Apache running, type:
c:\> net stop apache2
Now start the SSL version of Apache:
C:\> C:/Program Files/Apache Group/Apache2\apache -D SSL
To test it, simply browse to https://127.0.0.1/. Since this is a self signed certificate, you will receive a message about an unknown certificate authority. Simply click 'Ok' and you should see Apache's standard welcome page.
Using httpd-2.0.61_zlib-1.2.3.patch, this version compiles using the latest version of zlib (1.2.3).
Binaries, and some example configuration files, are available in apache-2.0.61_openssl-0.9.8g.zip.
