|
I have been able to generate CSR file and
key using OpenSSL as you mentioned.
Now pass the CSR file (without the key) to your CA to get it
signed. In return you should obtain a certificate file, and
possibly also a certificate chain file. Again, your CA should help
you with Apache configuration, but generally it should contain the
following lines:
Listen 443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /some-path/cert.pem
SSLCertificateKeyFile /some-path/privkey.pem
SSLCertificateChainFile /some-path/chain.pem
# rest of your virtualhost configuration here
</VirtualHost>
Apache usually comes with sample site configurations (i.e.
default-ssl.conf), just read them.
Cannot help you with Tomcat, sorry. Saw it last time in 2004.
--
With Best Regards,
Marat Khalili
On 04/11/16 16:19, Robert Ramoutar
wrote:
Hello ,
Thank you for that explanation. I have been able to generate
CSR file and key using OpenSSL as you mentioned.
Can anyone indicate what is the next step and also if
possible how does one test this configuration to ensure it is
working.
I am trying to accomplish the following:
1. Use apache for certificate
2. Use tomcat to host website
Am i stating this correctly or do i just specify the location
of the certificates in tomcat's configuration ?
If so how do i test this configuration.
Thanks for your guidance
Robert.
Regards,
Robert
Ramoutar.
This email is intended for the intended
recipient(s) and may contain confidential
information.
Reproduction, dissemination or distribution
of this message is prohibited unless authorized by
the sender. If you are not the intended
recipient, please notify the sender immediately and
you
must not read, keep, use, disclose, copy or
distribute this email without the sender's
prior permission.
Hello Robert,
There seems some misunderstanding here. Apache does not
generate certificates, nor there's "import" process - you
just put files wherever you want and specify their location
in configuration. Minimal Apache configuration of site with
SSL is less than dozen lines, nothing difficult.
Generating necessary certificate files is indeed more
involved, but it has nothing to do with Apache. Ask your CA
for help, they should have clear instructions on what to do
(or use different CA). Usually it means running some
commands in OpenSSL. You can use any working installation of
OpenSSL, not necessarily on your Windows PC with Apache.
--
С уважением,
Марат Халили (Российский Квантовый Центр)
+7 926 950 0804
On November 3, 2016 10:06:47 PM
GMT+03:00, Robert Ramoutar
<Robert_Ramoutar@xxxxxxxxxxx> wrote:
Hi Again,
Thanks for the reply,
I was able to download, install apache service and
got IT WORKS when entering localhost:80 in my
browser.
I was reading the following page :
Apache SSL/TLS Encryption
But i'm still unable to configure.
Can you say how to import certificates into
apache and how to test the imported certificates to
make sure they function.
1. I have to generate a CSR request and key,
2. Then after i get the files from the cert
provider import it into apache
Any ideas on how to complete the above two
steps.
Thanks again for your help,
Regards,
Robert Ramoutar.
This
email is intended for the intended
recipient(s) and may contain confidential
information.
Reproduction,
dissemination or distribution of this
message is prohibited unless authorized by
the sender.
If you are not the intended recipient,
please notify the sender immediately and you
must not read, keep,
use, disclose, copy or distribute this email
without the sender's
prior permission.
Hi ,
I think is a good starting
point
http://httpd.apache.org/docs/2.4/platform/windows.html
|
httpd.apache.org
This document explains how to
install, configure and run Apache
2.4 under Microsoft Windows. If you
have questions after reviewing the
documentation (and any event ...
|
It’s pretty straight forward
, download the installer from one of those
links
http://httpd.apache.org/docs/2.4/platform/windows.html#down
Install like any other
software
Install the windows serverice
for apache
http://httpd.apache.org/docs/2.4/platform/windows.html#winsvc , and
set it to start automatically
Anything else is pretty much
the same on any platform
http://httpd.apache.org/docs/2.4/ ,
just be careful with the PATH’s
|
httpd.apache.org
Copyright 2016 The Apache Software
Foundation. Licensed under the
Apache License, Version 2.0. Modules
| Directives | FAQ | Glossary |
Sitemap
|
Hello all,
I have been tasked with
Installing and Configuring Apache 2.4 on a
windows server for the following purpose:
1. Configure SSL through
apache
2. Apache Tomcat also
installed on server to handle web request
to a specific web application - MySQL db
also on the same server.
How does one go about
installing and configuring SSL through
apache 2.4 on Windows Server 2012?
I have read so many documents
and so many questions on forums etc and is
now more confused than before.
Can someone please outline
the steps require and if possible how to
perform these steps for apache in
Windows.
Thanks.
Regards,
Robert Ramoutar.
This email is intended
for the intended recipient(s) and
may contain confidential
information.
Reproduction, dissemination or
distribution of this message is
prohibited unless authorized by
the sender. If you are not the
intended recipient, please notify
the sender immediately and you
must not read, keep, use,
disclose, copy or distribute this
email without the sender's
prior permission.
Hi! This is the ezmlm
program. I'm managing the
users@xxxxxxxxxxxxxxxx
mailing list.
PLEASE READ! This message contains
information specific to
this mailing list, and is not your
standard form-letter
subscription acknowledgement.
I have added the address
Robert_Ramoutar@xxxxxxxxxxx
to the users mailing list.
Welcome to
users@xxxxxxxxxxxxxxxx!
Please save this message so that you
know the address you are
subscribed under, in case you later
want to unsubscribe or change your
subscription address.
This mailing list is maintained by the
Apache Software Foundation
as a forum in which users of the
Apache HTTP server can ask each
other questions, pose problems, and
discuss issues. It is NOT,
repeat NOT, an official support medium
of the Foundation. Please
take a look at
<URL:http://httpd.apache.org/userslist.html
to see details about how this list
is to be used.
Posting is only permitted by
subscribed addresses as an anti-spam
measure. The list is moderated by
volunteers from the Apache Software
Foundation; moderation will mostly
be notable by its absence.
However, blatant abuse of the
forum's purpose or the sensibilities
of the subscribers will not be
tolerated. Any actions taken
by the moderators is final, solely
at their discretion, and not
subject to formal appeal.
So.. be excellent to each other, and
party on!
--- Administrative commands for the
users list ---
I can handle administrative requests
automatically. Please
do not send them to the list
address! Instead, send
your message to the correct command
address:
To subscribe to the list, send a
message to:
<users-subscribe@xxxxxxxxxxxxxxxx>
To remove your address from the list,
send a message to:
<users-unsubscribe@xxxxxxxxxxxxxxxx>
Send mail to the following for info
and FAQ for this list:
<users-info@xxxxxxxxxxxxxxxx>
<users-faq@xxxxxxxxxxxxxxxx>
Similar addresses exist for the digest
list:
<users-digest-subscribe@xxxxxxxxxxxxxxxx>
<users-digest-unsubscribe@xxxxxxxxxxxxxxxx>
To get messages 123 through 145 (a
maximum of 100 per request), mail:
<users-get.123_145@xxxxxxxxxxxxxxxx>
To get an index with subject and
author for messages 123-456 , mail:
<users-index.123_456@xxxxxxxxxxxxxxxx>
They are always returned as sets of
100, max 2000 per request,
so you'll actually get 100-499.
To receive all messages with the same
subject as message 12345,
send a short message to:
<users-thread.12345@xxxxxxxxxxxxxxxx>
The messages should contain one line
or word of text to avoid being
treated as sp@m, but I will ignore
their content.
Only the ADDRESS you send to is
important.
You can start a subscription for an
alternate address,
for example "john@host.domain",
just add a hyphen and your
address (with '=' instead of '@')
after the command word:
<users-subscribe-john=host.domain@xxxxxxxxxxxxxxxx>
To stop subscription for this address,
mail:
<users-unsubscribe-john=host.domain@xxxxxxxxxxxxxxxx>
In both cases, I'll send a
confirmation message to that address.
When
you receive it, simply reply to it to
complete your subscription.
If despite following these
instructions, you do not get the
desired results, please contact my
owner at
users-owner@xxxxxxxxxxxxxxxx.
Please be patient, my owner is a
lot slower than I am ;-)
--- Enclosed is a copy of the request
I received.
Return-Path: <Robert_Ramoutar@xxxxxxxxxxx>
Received: (qmail 22078 invoked by uid
99); 3 Nov 2016 14:35:43 -0000
Received: from
pnap-us-west-generic-nat.apache.org
(HELO spamd4-us-west.apache.org)
(209.188.14.142)
by apache.org (qpsmtpd/0.29) with
ESMTP; Thu, 03 Nov 2016 14:35:43 +0000
Received: from localhost (localhost
[127.0.0.1])
by spamd4-us-west.apache.org
(ASF Mail Server at
spamd4-us-west.apache.org) with ESMTP
id 93C13C12BA
for <users-sc.1478183343.jikkijpbomggnfdjlkmj-Robert_Ramoutar=hotmail.com@xxxxxxxxxxxxxxxx>;
Thu, 3 Nov 2016 14:35:42 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at
spamd4-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -1.8
X-Spam-Level:
X-Spam-Status: No, score=-1.8
tagged_above=-999 required=6.31
tests=[DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
HTML_MESSAGE=2,
RCVD_IN_DNSWL_LOW=-0.7,
RCVD_IN_MSPIKE_H2=-0.001,
RP_MATCHES_RCVD=-2.999,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001]
autolearn=disabled
Authentication-Results:
spamd4-us-west.apache.org
(amavisd-new);
dkim=pass (2048-bit key)
header.d=hotmail.com
Received: from mx1-lw-us.apache.org
([10.40.0.8])
by localhost
(spamd4-us-west.apache.org
[10.40.0.11]) (amavisd-new, port
10024)
with ESMTP id lmnCdw_0glZR
for <users-sc.1478183343.jikkijpbomggnfdjlkmj-Robert_Ramoutar=hotmail.com@xxxxxxxxxxxxxxxx>;
Thu, 3 Nov 2016 14:35:38
+0000 (UTC)
Received: from
COL004-OMC1S15.hotmail.com
(col004-omc1s15.hotmail.com
[65.55.34.25])
by mx1-lw-us.apache.org (ASF
Mail Server at mx1-lw-us.apache.org)
with ESMTPS id 3AD9C5FD01
for <users-sc.1478183343.jikkijpbomggnfdjlkmj-Robert_Ramoutar=hotmail.com@xxxxxxxxxxxxxxxx>;
Thu, 3 Nov 2016 14:35:37 +0000 (UTC)
Received: from
NAM03-BY2-obe.outbound.protection.outlook.com
([65.55.34.8]) by
COL004-OMC1S15.hotmail.com over TLS
secured channel with Microsoft
SMTPSVC(7.5.7601.23008);
Thu, 3 Nov 2016 07:35:06
-0700
DKIM-Signature: v=1; a=rsa-sha256;
c=relaxed/relaxed; d=hotmail.com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
bh=HnL45X3/NoE4wrc/02/wjec4XoTgHH7M2W5E3o8BYtM=;
b=fdotrFLmERmzS7uaZ+6HTvUAhmqqzfCLnSN2uxpvkzCrmPy0ctwl/INSVylE8C9PxosxyYnswg5qvn+Li8ftVQ9Rd1x2/ureuyaQCbeKDp8FCwFMCgf8UR9Lw/mrLqu7lajZRAEBu30dECml2pye2gt7mD3zumVoqA+h3KFlEhWrHKzS5CgdSOpShzS1iwWzLdGanveo8pmehw3LpR/2o73dKNcQMsgfnLe4vYJrr9MLbdGYsAG3W0EcPBPiKDlf+hXzKXyXOjkDCGI5WdTAsZw1vhVlYV/9i+MzIadjysQPM0ZEykLDG1MpvoSkG/1MrFTnkpaU1+tY6cUsI0zZUA==
Received: from
CO1NAM03FT039.eop-NAM03.prod.protection.outlook.com
(10.152.80.53) by
CO1NAM03HT045.eop-NAM03.prod.protection.outlook.com
(10.152.81.55) with Microsoft SMTP
Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.707.3; Thu,
3 Nov
2016 14:35:04 +0000
Received: from
SN1PR17MB0381.namprd17.prod.outlook.com
(10.152.80.54) by
CO1NAM03FT039.mail.protection.outlook.com (10.152.81.202) with
Microsoft SMTP
Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384)
id
15.1.707.3 via Frontend Transport;
Thu, 3 Nov 2016 14:35:04 +0000
Received: from
SN1PR17MB0381.namprd17.prod.outlook.com
([10.163.223.146]) by
SN1PR17MB0381.namprd17.prod.outlook.com ([10.163.223.146]) with mapi id
15.01.0693.009; Thu, 3 Nov 2016
14:35:04 +0000
From: Robert Ramoutar <Robert_Ramoutar@xxxxxxxxxxx>
To:
"users-sc.1478183343.jikkijpbomggnfdjlkmj-Robert_Ramoutar=hotmail.com@xxxxxxxxxxxxxxxx"
<users-sc.1478183343.jikkijpbomggnfdjlkmj-Robert_Ramoutar=hotmail.com@xxxxxxxxxxxxxxxx>
Subject: Re: confirm subscribe to
users@xxxxxxxxxxxxxxxx
Thread-Topic: confirm subscribe to
users@xxxxxxxxxxxxxxxx
Thread-Index:
AQHSNd6je7noe+ujykG9ZqB8z9gZPqDHUy43
Date: Thu, 3 Nov 2016 14:35:04 +0000
Message-ID: <SN1PR17MB03814273D2EBDC86811159318FA30@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
References: <1478183343.99748.ezmlm@xxxxxxxxxxxxxxxx>
In-Reply-To: <1478183343.99748.ezmlm@xxxxxxxxxxxxxxxx>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results:
httpd.apache.org; dkim=none (message
not signed)
header.d=none;httpd.apache.org;
dmarc=none action="">
header.from=hotmail.com;
x-incomingtopheadermarker:
OriginalChecksum:5ED0FEB0316F11B988590D2CFCB2454E169E7D6530314186DE33E1A80CC1DF38;UpperCasedChecksum:B6F0B440F5A85BD3F02FACB962E3265ACD92B1F758E900C235F58373E370B080;SizeAsReceived:7391;Count:38
x-tmn:
[H3dbSNIbp4KHsw7dJq6DSU0wlNTaNW0EPH3PXb3o1mo=]
x-incomingheadercount: 38
x-eopattributedmessage: 0
x-microsoft-exchange-diagnostics:
1;CO1NAM03HT045;5:hrPmnmerba2biI5MzVyFs/obtLPyPWsnnNAPb81Pv5A2p1Kuet+vIhavMShR987BX02T1E2sT2e2hD7pIAhTafgoQ/u8jGlFkkMXnRRMEB6SpY5LdjbOYd2jCzmi5KR66D5n3MfIASRtlCNV+GqtguCDrkAhAuNymYX+CoZTrlk=;24:dxl579oaBX39gHlyOjBq/byu/ogwNhu8rZQFrorGLR69INLSRHDwbjKxsDpdlDte80DdMUeMbQwx957UMjRdaRFIFNJ5d2pCvio8uobscEs=;7:LT2cbh+jkT9Ls3glpiNpGZUNlUhMPBF/T9scwe6Z0VQnlZO1KigGgLT87aWeUnID/9XbMXT0epjoyP47Avjc1C5XBxEIPO9ib3ikPmHeVDskA5qMu1bcGSeL6+0a/OEgeSHZEba3qANQLLThou/GehMXwY44MhwxoAsy4tkaZ8YIVfEbjgCuWzgGC76059yXInDm2gEwN5jHocv8D3K4/e4HeQdt3+gYs7sA8LdvWD8u8Sk/UGViO4rMeOM1H718HPHCCbVXJCIwPF6rba1DncAv6hkmCe22ZrbFwwu5rIV+fXjtZLuoz9QkfsF52EVrX8FN40zdg1cR5WkmrE33uT2aDLsFT7tihZsfmJqt3zY=
x-forefront-antispam-report:
EFV:NLI;SFV:NSPM;SFS:(10019020)(98900003);DIR:OUT;SFP:1102;SCL:1;SRVR:CO1NAM03HT045;H:SN1PR17MB0381.namprd17.prod.outlook.com;FPR:;SPF:None;LANG:en;
x-ms-office365-filtering-correlation-id:
8277fdd0-a837-46ca-4e5e-08d403f699bb
x-microsoft-antispam:
UriScan:;BCL:0;PCL:0;RULEID:(1601124038)(5061506232)(5061507235)(1603103103)(1601125047)(1603101340);SRVR:CO1NAM03HT045;
x-exchange-antispam-report-cfa-test:
BCL:0;PCL:0;RULEID:(432015012)(82015046);SRVR:CO1NAM03HT045;BCL:0;PCL:0;RULEID:;SRVR:CO1NAM03HT045;
x-forefront-prvs: 011579F31F
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative;
boundary="_000_SN1PR17MB03814273D2EBDC86811159318FA30SN1PR17MB0381namp_"
MIME-Version: 1.0
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Nov 2016 14:35:04.0768
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id:
84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1NAM03HT045
X-OriginalArrivalTime: 03 Nov 2016
14:35:06.0104 (UTC)
FILETIME=[78652780:01D235DF]
|
