I was asked to install SSL on XAMPP 5.5.38 while being given some .pem files.
To my understanding, these files are the certificates. Problem is, I have no solid idea how to use these files for installation. How do I approach this? Should I convert it to .crt files first? I was told that .pem files could be used in xampp but I'm not entirely sure myself. Thanks.
See Does .pem file contains both private and public keys? for details about PEM file.
Provided that the PEM file you got contains both public certificate and private key (you can confirm by checking its content), you can use the same file for both SSLCertificateFile and SSLCertificateKeyFile and it should work.
Related
Morning guys
I have never really dealt with SSL's on an apache server.
I found the domain on godaddy for my site. Downloaded the CentOS Apache zip.
This includes
gd_bundle .crt
hereismysite.crt
blahblah.pem
Now,the folder that currently has the SSL has
gd_bundle .crt
hereismysite.crt
blahblah.key
I have this rekey thing on godaddy for the CSR?
I am a little confused as to how to do this step and what to do with it?
I followed some apache instructions here after I replaced the files with the new ones. (I also just replaced the .pem info in the key). Crashed the servers all on apachectl restart so put the old ones back and restarted again
https://ae.godaddy.com/help/manually-install-an-ssl-certificate-on-my-apache-server-centos-5238
I am baffled.
Anyone able to break it down for a dummy like me?
To configure your site you need the following:
A private key
A public certificate
A CA bundle containing intermediate certs (not always required)
The zip from godaddy contains the following:
gd_bundle.crt - This is the CA bundle
hereismysite.crt - This is your sites public certificate signed by godaddy
blahblah.pem - This is the same as hereismysite.crt in a different format (I haven't been able to verify why they do this, maybe convenience...?)
On your server, you have:
gd_bundle.crt - Same as above
hereismysite.crt - Same as above
blahblah.key - Your private key. This is generated during the CSR process. If you don't have or lost this file, then you need to rekey your cert as you mentioned in your post.
To put all this together, your Apache config will look something like this:
<VirtualHost *:443>
ServerName www.example.com
SSLEngine on
SSLCertificateFile "/path/to/hereismysite.crt"
SSLCertificateKeyFile "/path/to/blahblah.key"
</VirtualHost>
See also: https://bofeng.github.io/post/godaddy-ssl-cert-nginx/
I am trying to install self signed ssl on IP address. I have apache in centos7. I have mod_ssl installed. I have been able to create self signed certificate with openssl req. Now I need to add this certificate to virtual hosts. I found two different files in tutorials for this purpose.
etc/apache2/sites-available/default-ssl.conf and second option is etc/httpd/conf.d/ssl.conf.
But I could find apache2 folder in etc but not sites-availabe and no httpd in etc. Where do I find the relevant file to edit virtual hosts?
Thank you.
you can just create the folder sites-available if you want inside of the Apache folder. The important thing is to check the Main Apache Config file and make sure that it is loading up the default-ssl.conf file. Usually its done by putting an Include /*. That would load up everything in that folder.
Config files for Apache under Centos should be at /etc/httpd/ instead of /etc/apache/
I have setup the dispatcher in Apache for windows OS. After that trying to configure certificates to enable HTTPS in httpd.config file, then getting below exception every time. Not sure what's wrong here. Using apache 2.2.25 and generated key using openssl.
Any help on this problem?
Please use quotes for the file path:
SSLCertificateFile "<path-to-file>"
SSLCertificateKeyFile "<path-to-file>"
The path you are using contains multiple "spaces" which probably are interpreted as another parameter.
I am running a virtual server (Ubunto, Plesk 12). For the vhosts the settings are stored in httpd.conf, which is generated by Plesk.
When having activated SSL-Support in Plesk, then Plesks default certificate is referenced, even when no certificate has been selected. Trying to override this value via vhost_ssl.conf results in Apache not being able to start/ restart. My tech support told me, that Apache is trying to bind both certificates then, instead of overriding the SSLCertificateFile directive.
When having SSL-Support deactivated in Plesk, then all directives regarding SSL (< IfModule mod_ssl.c >) are missing in httpd.conf. I guess additional directives within vhost_ssl.conf wont work then.
Is there any other way to replace/ override the default certificate? It is no option to put the setting into httpd.conf directly (iE via VI), because once I make a change in Plesk related to this file, it is overwritten. It is also no option, to put the certificates keys into Plesk, because they need to be updated regulary and I dont want to do that manually every time.
You can apply your certificate for domain if you upload certificate to subscription's repository here:
Also you can try LetsEncrypt extension from Extensions Catalog.
By the way, Plesk's LetsEncrypt extension updates all it's certificates by cron task every month:
I do not know how to find the SSL Certificate on the File System for the website I am working on. Someone else put it in and I cannot find it. Also, how do I get the URL for it?
If you use Apache:
Move to Apache sites enabled folder (/etc/apache/sites-enabled)
Open each file in this folder
You have to find the tag SSLCertificateFile
Browse to SSLCertificateFile path