N/A BONIAS
THE NETHERLANDS
Install an SSL-enabled Apache Web Server under Windows
The Apache web server is normally not the first thing that one associates with Windows. The Apache web server however, can run on Windows very efficiently and can provide a powerful web serving platform.
There are many reasons for which you might want to run Apache on Windows. For example, a web developer who wants to test a web site on Apache before uploading to a host provider.
Be Prepared
The Apache web server is not a typical Windows application. This might sound strange but it all comes down to one thing: you should not expect any wizards or graphical interfaces that will guide you through the configuration.
The configuration of the Apache web server is entirely done through configuration files that must be edited manually.
Prepare the installation
Before you can proceed with the installation, you must ensure that you have the necessary files . Please download the files from the links below. The files that you need to proceed are:
The Apache 2.2 installer
A version of Apache with the mod_ssl.so extension enabled
The Windows version of Openssl
A configuration file in order to create certificates
You can also download all these files in one 
file. Please make sure that you have downloaded all these files since they are necessary for the steps that will follow.
Install the Apache Web Server
The installation of the Apache web server is divided in several steps. It is important to read and to understand the instructions before beginning with each step.
Double-click on the Apache installer to start the installation of the core file of the web server.
Follow the prompts on the screen and make sure you will not use the default installation path but the path C:\Apache instead.
When the installation will finish, Apache must be running as a service in your Windows.
Create a directory called Openssl on your C drive and extract all the files included in the zip file that you have downloaded in the third step of the previous chapter.
Create a directory called openssl on your C drive and extract all the files included in the zip file that you have downloaded in the third step of the previous chapter.
Copy the openssl configuration file
Copy the file Openssl.cnf to the directory C:\Apache\Conf.
Configure OpenSSL
The OpenSSL program can be only controlled from a command prompt. To make your life easier in the next few steps please do the following.
Right-click on the MY COMPUTER icon on your desktop, choose the tab Advanced and the option Environment Variables as shown in Figure 1.
On the dialog in Figure 2, on the lower section entitled System variables, locate the value Path, choose it and then click on Edit. Scroll to the end of the line as shown in Figure 3 and add the following: ;C:\Openssl;.
This will help you to easily access the program from the command line without having to type the entire path when giving a command.
To see whether this is working open a command shell as shown in Figure 4 and type OPENSSL in the prompt. The result should be a command prompt window with the response OpenSSL> as shown in Figure 5. Type EXIT to leave this dialog.
If Windows gives an error message that it is missing either the libeay32.dll the ssleay32.dll, copy these files from the directory C:\Openssl to the directory C:\Windows\System32.
Create a certificate
Open a command prompt and type CD \APACHE\CONF to switch to the configuration directory for the Apache web server.
Type the following command: openssl req -config openssl.cnf -new -out -server.csr.
When asked for the common name give the exact name of your web server such as, for example, www.mysite.intranet. The certificate belongs to this server and browsers will complain if the name does not match the name of your server.
At the command prompt type the command to remove the passphrase from the private key: openssl rsa -in privkey.pem -out server.key.
Delete the file with the .rnd extension for security reasons since it contains the entropy information for creating the key and could be used for cryptographic attacks against you.
Finally, you are now ready to create a self-signed certificate. If you are going to use this installation to host any publicly available web site, it would be advisable to get a real certificate from a recognized certification authority since browsers will complain.
To create the certificate type the command: openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365.
This certificate will be valid for 365 days; you can increase this value to allow for a longer validity period.
Configure Apache and the Mod_ssl.so extension
There are two configuration files that you must modify in order to get your new Apache installation up & running.
Open the file httpd.conf located in the directory C:\Apache\Conf.
Locate the line #LoadModule ssl_module modules/mod_ssl.so and remove the comment character (#).
In the same file, locate the line #include conf/extra/httpd-ssl.conf and remove the comment character.
Open the file httpd-ssl.conf in the directory C:\Apache\Conf\Extra.
Locate the line SSLMUtex file:logs/ssl_mutex and comment it out by adding a comment character (#) at the beginning of the line.
Below it add the line SSLMutex default.
Use your new Web Server
Restart your system and your new Apache web server must be ready and functioning.
You can place your content in the directory C:\Apache\htdocs and you can access it by typing https://127.0.0.1 at the address bar of your browser.
If you would like to implement a simple form of name resolution for your website, you can modify the file lmhosts of your Windows accordingly as shown in this article.