http://jumnuoy.blogspot.com/2012/07/create-ssl-certificate-and-install-in.html
HTTPS, it’s a secure http protocol. With the web becoming part of day to day life people expect almost all application and services should be web enabled and it will happen soon. As huge transactions are done on web we need some kind of security that will prevent data theft, data sniffing. Secure http plays very crucial role in protecting the web.
When we develop any web base application it is always better to provide support for https. Generally it happens that we develop our application with HTTP protocol in mind and when security comes in app may fail to act as expected. So add SSL certificate in the development phase itself.
There might be the case that you won’t be able to buy the SSL certificate in development phase, in this scenario its always advised to generate and install Self Signed SSL Certificate and later when you decide to move to production you can buy authentic certificate from companies like VeriSign Inc.
Here we will see how we can generate SSL certificate using Open SSL and install it on Xampp server for Windows.
1. Generate a Private Key
* Sart Menu=> Control Panel => System = > Advance System Sitting = Environment Variables... => OPENSSL_CONF (copy the Dir. of openssl.cnf like this D:\xampp\apache\bin\openssl.cnf)
Command: openssl genrsa -des3 -out server.key 1024
Screen:
2. Generate Certificate Signing Request
Command: openssl req -new -key server.key -out server.csr
Screen:
Here the command might need an config parameter. This is not required but its needed when openssl couldnt find the configration file.
3. Sign the Certificate
Command: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Screen:
3. Install and Configure the Certificate
After this you will have server.key and server.crt files that you need to copy to some directory that can be easily accessed by apache. Copy both files to say crypt directory and configure the SSL Conf for website or app. Following shows the basic SSL configuration.
4. Restart the apache server and access the application/site with HTTPS.
When we develop any web base application it is always better to provide support for https. Generally it happens that we develop our application with HTTP protocol in mind and when security comes in app may fail to act as expected. So add SSL certificate in the development phase itself.
There might be the case that you won’t be able to buy the SSL certificate in development phase, in this scenario its always advised to generate and install Self Signed SSL Certificate and later when you decide to move to production you can buy authentic certificate from companies like VeriSign Inc.
Here we will see how we can generate SSL certificate using Open SSL and install it on Xampp server for Windows.
1. Generate a Private Key
* Sart Menu=> Control Panel => System = > Advance System Sitting = Environment Variables... => OPENSSL_CONF (copy the Dir. of openssl.cnf like this D:\xampp\apache\bin\openssl.cnf)
Command: openssl genrsa -des3 -out server.key 1024
Screen:
2. Generate Certificate Signing Request
Command: openssl req -new -key server.key -out server.csr
Screen:
Here the command might need an config parameter. This is not required but its needed when openssl couldnt find the configration file.
3. Sign the Certificate
Command: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Screen:
3. Install and Configure the Certificate
After this you will have server.key and server.crt files that you need to copy to some directory that can be easily accessed by apache. Copy both files to say crypt directory and configure the SSL Conf for website or app. Following shows the basic SSL configuration.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | <VirtualHost ssltest.com:443> DocumentRoot "path/to/ssltest.com" ServerName ssltest.com ServerAlias www.ssltest.com ServerAdmin you@ssltest.com SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW :+SSLv2:+EXP:+eNULL SSLCertificateFile "path/to/server.crt" SSLCertificateKeyFile "path/to/server.key" <FilesMatch "\.(cgi|shtml|phtml|php|php5|php4|php3?)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "path/to/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> |
4. Restart the apache server and access the application/site with HTTPS.
When we develop any web base application it is always better to provide support for https. Generally it happens that we develop our application with HTTP protocol in mind and when security comes in app may fail to act as expected. So add SSL certificate in the development phase itself.
There might be the case that you won’t be able to buy the SSL certificate in development phase, in this scenario its always advised to generate and install Self Signed SSL Certificate and later when you decide to move to production you can buy authentic certificate from companies like VeriSign Inc.
Here we will see how we can generate SSL certificate using Open SSL and install it on Xampp server for Windows.
1. Generate a Private Key
* Sart Menu=> Control Panel => System = > Advance System Sitting = Environment Variables... => OPENSSL_CONF (copy the Dir. of openssl.cnf like this D:\xampp\apache\bin\openssl.cnf)
Command: openssl genrsa -des3 -out server.key 1024
Screen:
2. Generate Certificate Signing Request
Command: openssl req -new -key server.key -out server.csr
Screen:
Here the command might need an config parameter. This is not required but its needed when openssl couldnt find the configration file.
3. Sign the Certificate
Command: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Screen:
3. Install and Configure the Certificate
After this you will have server.key and server.crt files that you need to copy to some directory that can be easily accessed by apache. Copy both files to say crypt directory and configure the SSL Conf for website or app. Following shows the basic SSL configuration.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | <VirtualHost ssltest.com:443> DocumentRoot "path/to/ssltest.com" ServerName ssltest.com ServerAlias www.ssltest.com ServerAdmin you@ssltest.com SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW :+SSLv2:+EXP:+eNULL SSLCertificateFile "path/to/server.crt" SSLCertificateKeyFile "path/to/server.key" <FilesMatch "\.(cgi|shtml|phtml|php|php5|php4|php3?)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "path/to/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> |
4. Restart the apache server and access the application/site with HTTPS.
Apache MySQL PHP Server Web Developer Xampp
0 comments:
Post a Comment