win Apache 使用 openssl 开启ssl步骤

openssl 版本

OpenSSL> version
OpenSSL 1.0.1g 7 Apr 2014

无法启动 httpd

C:\Users\Administrator>httpd -v
Server version: Apache/2.4.9 (Win64)
Apache Lounge VC11 Server built:   Mar 16 2014 12:42:59

C:\Users\Administrator>httpd -X
AH00526: Syntax error on line 73 of D:/wamp/bin/apache/apache2.4.9/conf/extra/httpd-ssl.conf:
SSLSessionCache: ‘shmcb‘ session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).

C:\Users\Administrator>httpd -X
AH00526: Syntax error on line 103 of D:/wamp/bin/apache/apache2.4.9/conf/extra/httpd-ssl.conf:
SSLCertificateFile: file ‘C:/Apache24/conf/server.crt‘ does not exist or is empty
[email protected]20140115FZ /cygdrive/d
$ cd d:/wamp/bin/apache/apache2.4.9/bin/

[email protected]20140115FZ /cygdrive/d/wamp/bin/apache/apache2.4.9/bin
$ ls
ab.exe              htdigest.exe       libeay32.dll    php5ts.dll
abs.exe             htpasswd.exe       libhttpd.dll    rotatelogs.exe
ApacheMonitor.exe   httpd.exe          libxml2.dll     ssleay32.dll
apr_dbd_odbc-1.dll  httxt2dbm.exe      logresolve.exe  wintty.exe
apr_ldap-1.dll      iconv              lua51.dll       zlib1.dll
dbmmanage.pl        libapr-1.dll       openssl.exe
htcacheclean.exe    libapriconv-1.dll  pcre.dll
htdbm.exe           libaprutil-1.dll   php.ini

[email protected]20140115FZ /cygdrive/d/wamp/bin/apache/apache2.4.9/bin
$ pwd
/cygdrive/d/wamp/bin/apache/apache2.4.9/bin

生成服务器证书

D:\wamp\bin\apache\apache2.4.9\bin>openssl req -new -out server.csr -config ../conf/openssl.cnf
WARNING: can‘t open config file: C:\vc11_deps\repo\winlibs_openssl/install_x64/openssl.cnf
Loading ‘screen‘ into random state - done Generating a 1024 bit RSA private key.++++++....++++++
writing new private key to ‘privkey.pem‘
Enter PEM pass phrase:
7624:error:28069065:lib(40):UI_set_result:result too small:.\crypto\ui\ui_lib.c:
869:You must type in 4 to 511 characters
7624:error:0906406D:PEM routines:PEM_def_callback:problems getting password:.\cr
ypto\pem\pem_lib.c:111:
7624:error:0907E06F:PEM routines:DO_PK8PKEY:read key:.\crypto\pem\pem_pk8.c:130:

D:\wamp\bin\apache\apache2.4.9\bin>openssl req -new -out server.csr -config ../conf/openssl.cnf
WARNING: can‘t open config file: C:\vc11_deps\repo\winlibs_openssl/install_x64/openssl.cnf
Loading ‘screen‘ into random state - done
Generating a 1024 bit RSA private key
...................++++++
......................................++++++
writing new private key to ‘privkey.pem‘
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.‘, the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:GuangDong
Locality Name (eg, city) []:GuangZhou
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Localhost
Organizational Unit Name (eg, section) []:Baidu
Common Name (e.g. server FQDN or YOUR name) []:default7-csdn
Email Address []:default[email protected]

Please enter the following ‘extra‘ attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:Baidu-optional

D:\wamp\bin\apache\apache2.4.9\bin>

bin 目录下,成功生成 privkey.pemserver.csr 2个文件。

生成私匙

D:\wamp\bin\apache\apache2.4.9\bin>openssl rsa -in privkey.pem -out server.key
WARNING: can‘t open config file: C:\vc11_deps\repo\winlibs_openssl/install_x64/openssl.cnf
Enter pass phrase for privkey.pem:
writing RSA key

D:\wamp\bin\apache\apache2.4.9\bin>

bin 目录成功生成 server.key

创建证书 server.crt

D:\wamp\bin\apache\apache2.4.9\bin>openssl x509 -in server.csr -out server.crt -
req -signkey server.key -days 365
WARNING: can‘t open config file: C:\vc11_deps\repo\winlibs_openssl/install_x64/openssl.cnf
Loading ‘screen‘ into random state - done
Signature ok
subject=/C=CN/ST=GuangDong/L=GuangZhou/O=Localhost/OU=Baidu/CN=default7-csdn/[email protected]
Getting Private key

D:\wamp\bin\apache\apache2.4.9\bin>

撤销客户端证书

(欢迎交流 by [email protected])

第三方ssl证书

godaddy ssl证书
dreamhost ssl证书

版权声明:本文为博主原创文章,未经博主允许不得转载。

时间: 2024-12-15 01:51:46

win Apache 使用 openssl 开启ssl步骤的相关文章

【转】原来win+apache实现ssl的证书认证如此简单

[精华] 原来win+apache实现ssl的证书认证如此简单 http://www.chinaunix.net 作者:ataman  发表于:2008-05-22 18:16:46 [发表评论] [查看原文] [Web服务器讨论区][关闭] windows+apache的情况下,实现ssl的证书认证 (win下用openssl做证书极为困难的问题彻底解决了) 我写得非常详细,一步一步都说得很清楚.实际操作极为简单,要不了5分钟,是我的字打得太多了.如果发现错误,遗漏请提出. 首先,到http:

linux下apache安装ssl步骤

制作证书: 参考:linux下运用opensll制作ssl证书 生成三个证书 server.crt .server-ca.crt.server.key 安装openssl tar -xzvf openssl-1.0.2h.tar.gzcd openssl-1.0.2h./config -fPIC enable-sharedmake dependmake && make installmake clean && make distclean #openssl类库做软连接ln

windows下面配置apache+https(利用SSL)服务器

1.下载带有openSSL的apache安装包,我下载的为apache_2.2.11-win32-x86-openssl-0.9.8i.msi,安装后确认一下bin路径下的openssl.exe,ssleay32.dll和libeay32.dll,无误进行下一步. 2.修改两个配置文件,一个为conf/httpd.conf,另一个为conf/extra/httpd-ssl.conf (a)修改httpd.conf 为了使apache启动的时候调用ssl的服务,我们需要在配置文件中做一些修改.找到

php开启ssl的方法

当访问启用SSL资源的时候,会出现\"did you forget to enable it when you configured PHP\"错误提示,从提示我们可以看出肯定是php.ini中没有配置好SSL模块.打开php.ini找到extension=php_openssl.dll,取消注释 在PHP开启SSL的方法很简单,先找到php.ini文件,将 extension=php_openssl.dll 前面的注释符号“;”去掉,然后重新启动apache就可以生效了! 有的朋友这

在Apache服务器上安装SSL证书

在Apache服务器上安装SSL证书 阿里云SSL证书服务支持下载证书安装到Apache服务器,从而使Apache服务器支持HTTPS安全访问.本文介绍了证书安装的具体操作. 前提条件 您的Apache服务器上已经开启了443端口(HTTPS服务的默认端口). 您的Apache服务器上已安装了mode_ssl.so模块(启用SSL功能). 本文档证书名称以domain name为示例,例如:证书文件名称为domain name_public.crt,证书链文件名称为domain name_cha

LAMP----linux+apache+mysql+php详细安装步骤之一APACHE篇(openldap等)

LAMP----linux+apache+mysql+php详细安装步骤之一APACHE篇(openldap等) linux详细版本为RHEL5.3 [[email protected] mail]# uname -a Linux localhost.localdomain 2.6.18-128.el5 #1 SMP Wed Dec 17 11:42:39 EST 2008 i686 i686 i386 GNU/Linux 1.上传apache源代码文件 httpd-2.2.13.tar.bz2

Linux+Apache下如何安装SSL证书

最近很多站长在问linux系统平台下如何安装SSL证书?Linux+Apache下如何安装SSL证书?本文整理了关于Linux+Apache下如何安装SSL证书的相关教程供大家参考,更多SSL证书安装部署问题可咨询沃通CA. 一.申请SSL证书 Linux+Apache下如何安装SSL证书?在Linux+Apache下安装SSL证书之前你得先去沃通CA申请一张全球可信的SSL证书,你可以选择付费的中高端SSL证书,也可以选择基础级的免费SSL证书. 二.文件备份 由于安装SSL证书要修改服务器的

WAMP(Win+Apache+MySQL+PHP)-环境搭建

在使用php语言开发程序之前,首先要在系统中搭建开发环境,接下来记录如何搭建WAMP(Win+Apache+MySQL+PHP),建议在安装之前新建一个名为WAMP的目录,方便管理和使用. 一:Apache的安装 1.官网下载地址:https://httpd.apache.org/,点击Download下载解压包 2.安装 下载解压到本地文件夹(注:文件夹不要出现特殊字符或中文) 3:配置 1.打开文件位置:Apache24\conf\下的httpd.conf,用编辑器打开,找到大约在38行(可

MySQL8开启ssl加密

1 概述 MySQL从5.7开始默认开启SSL加密功能,进入MySQL控制台后输入status可以查看ssl的状态,出现下图表示在使用ssl: 另外,ssl加密需要密钥与证书,可以使用openssl手动生成或使用mysql_ssl_rsa_setup自动生成,这里使用了mysql_ssl_rsa_setup. 下面从安装开始. 2 安装(可选) 系统CentOS,直接使用yum安装(编译安装可以看这里),先用list查看一下: 这里的版本是8.0.17,不算太旧,就不去官网下载了,直接insta