Setup Apache-Subversion on Windows XP - Part 2 - SSL

by admin 24. November 2006 07:53

Here's part two of my Apache-Subversion setup process. This time we're setting up SSL on the server.

1. Generate SSL Certificates

First up we need to generate some certificates for the system. Although OpenSSL came with the Apache install, it doesn't include all the necessary config files by default so the easiest way I found was to download a separate set of binaries which run straight out of the box. Grab OpenSSL from http://www.slproweb.com/products/Win32OpenSSL.html and install it.

The certificates are generated through the following commands:

openssl req -new -out server.csr
openssl rsa -in privkey.pem -out server.key
openssl x509 -in server.csr -out server.crt -req -signkey server.key

Fill in the appropriate info when prompted. Make sure that when you're prompted for the Common Name (eg, your websites domain name) you put in the address of the server (e.g., www.rikware.com). Note that these certificates are of course not signed by a certificate authority so you will be warned when visiting the site that they may be insecure. You can avoid this by distributing the server.crt file to your clients separately. Alternatively get the certificates signed properly, but I'm not going in to how that is done. Check out http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL for some more info.

You should now have a server.crt and server.key file. Copy those to the /Apache/conf/ssl.crt/ and /Apache/conf/ssl.key/ directories (you'll need to create the directories yourself.

2. Config

Open up /Apache/conf/ssl.conf and replace "c:/apache" with "C:/Program Files/Apache" (or wherever you've installed Apache. Also uncomment (remove the '#') the lines <IfDefine SSL> and </IfDefine>.

If you want to move SSL from the default port then search for "443" and replace it with the new port.

Open up /Apache/conf/httpd.conf and uncomment the following lines:

  • LoadModule ssl_module modules/mod_ssl.so
  • <IfModule mod_ssl.c> and the </IfModule> just below.

3. Test

Start up Apache and try browsing to https://localhost/. You should get the Apache default page again after an SSL.

Next time - Adding Subversion support to Apache.

Comments are closed

About Us

RikWare is a software development company based in Brisbane, Australia. Led by director, Richard Mason, RikWare focusses on solving challenging business problems promptly and effectively.

RikWare is also the owner of Aussie Bushwalking, a free, wiki-like collaboration site for bushwalkers and the creator of RikMigrations, a migration framework for .NET.

Aussie Bushwalking

Want to discover some new bushwalking ideas? Share a few of your own? Aussie Bushwalking is like Wikipedia... but for bushwalkers. Head on over. Anybody can see the walks and it's free to sign up and share your own.

 

RikMigrations

RikMigrations is a database migration library for .NET based on the migrations facility provided by Ruby on Rails. It allows simple upgrading and downgrading of databases using .NET code (such as VB or C#) either from the command line or built into your application. Unlike many other migration frameworks, RikMigrations is a stand-alone library which does not rely on a large surrounding framework.