Apache - Self assigned SSL Help - apache

How would I self assign a SSL Cert on Apache (XAMPP) on a Windows 2003 server? I have researched and the farest I got was a broken SSL Cert with "Common name" problem.
Post your guide or links here,
Thanks.

If you are in development and using localhost, the common name of your ssl certificate should be localhost. If you are using a machine that uses dns (or the hosts file) you should use that host name as the certificate common name (cn). E.g. if you are using www.mydomain.com you should create a certificate with that name. You can also create a certificate with the name *.mydomain.com that you should be able to use on all subdomains of mydomain.com. You may want to read this tuturial on the subject.

Related

How to create an ssl for a domain that is pointed from the hosts file?

Let's say I edit my hosts file on my computer to make google.com point to my VPS server IP, and the server has virtual host/server block for google.com configured trough Apache or Nginx.
So when I visit google.com it'll load whatever is configured on the server through HTTP, how can I make it HTTPS? can I do it with Let's Encrypt? I have tried to edit the hosts file on the VPS itself and then run cert-bot, but that didn't work.
in simple words: I don't own the domain, but would like to own it on my machine only trough https.
I don't own the domain, but would like to own it on my machine only trough https.
You can't do it with a publicly trusted certificate. You can create your own PKI with your own trusted root CA which you import as trusted in your own browser. Then you can create the server certificates you want with this CA and since your browser trusts this CA it will also accept your own certificates.
There are many resources online which describe how to create your own CA, like here or here or here.

Tomcat hosting multiple virtual host with single SSL certificate

I have a server hosting multiple web applications using Tomcat 8.0, each one in their virtual host, for example
Virtual Host "a.example.com" points to https://example.com/a
Virtual Host "b.example.com" points to https://example.com/b
My question is that, is there a way I could setup my multiple virtual hosts to use my single SSL certificate? Do i need tomcat SNI support for that?
In order to connect to a.example.com, you'll need a valid certificate for a.example.com. Same for any connection to b.example.com - and as I assume that SNI is ubiquituous by now, I don't know if the answer "yes" would require you to do something different than "no".
In the very special case that you use in your question, you can also work with wildcard certificates for *.example.com - ideally with an alternative name for example.com. It depends on the certification authority that you intend to use if it's available and how much you'll have to pay for it. Of course, if this was only an example, and the actual domain names are more diverse, it's no longer an option.
Just assume you need SNI - there's no problem using it.

Installing SSL for sub domain which pointing to another server

I have domain www.xyz.com with dedicated IP,SSL for www.xyz.com is already installed and working fine.
now through plesk panel i am able to create 10 sub domains.
I have created one sub domain named subdomain.xyz.com which is pointing to totaly different server.
I want to add SSL certificate for subdomain.xyz.com.
where i have to add SSL certificate, on the the server that sub domain is pointing or i can add SSL for subdomain.xyz.com from xyz.com plesk panel.
the subdomain is pointing to solaris server
You will need to install the SSL certificate on the actual server that is responding to your HTTPS requests (meaning, the one the subdomain points to). However, keep in mind that if you have a regular SSL certificate, then the certificate would have to be issued to the specific subdomain. For example, a regular SSL certificate for example.com does not validate against sub.example.com.
As an alternative, you can purchase a wildcard SSL certificate for your domain that will cover the new subdomain and any others you add later. More info on that here: https://www.digicert.com/wildcard-ssl-certificates.htm

Binding SSL certificates to Website in IIS

I have a server which is hosting a domain named abc.com . I have an SSL certificate installed for this domain on server and abc.com require SSL. Now I have a sub domain say sub.abc.com which is secured by another SSL certificate.
Now this is what I did to bind. Clicked the main site abc.com in IIS and opened bindings. Now in bindings, I added https and for IP Address I gave All Unassigned. For SSL certificate I selected the SSL cert for abc.com.
Again for the sub domain binding I followed same steps but under IP Address I gave the IP (19.xxx.xx.xx) of my server. Under certificate I picked the certificate for sub.abc.com.
Now on a browser if I open sub.abc.com its working fine. But if I load abc.com then the site is loading with warning and its displaying the certificate of sub.abc.com instead of abc.com . In bindings I can confirm that I have mapped to correct certificate.
Not sure whats going wrong here. Any help highly appreciated.
If you are running IIS 8 and above, you can use SNI,
http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-server-name-indication-sni-ssl-scalability
You may also go for WildCard certificate i.e a certificate issues to *.abc.com for the root domain , this will not only simplify your deployment and will provide adequate security as well.

Wildcard Cer is not working after configured ssl host headers

I have a regular cer installed on my main domain http://www.2send.co.il , and a wildcard SSL installed on the sub-domain http://en.2send.co.il .
I am using 'SSL host headers' to use one IP address for both sites. the problem is that when I am checking the SSL (http://sslchecker.com/sslchecker) for the sub-domain the response is that the hostname is not match. for the main domain it works properly.
I don't know where to start looking for the solution.
Any idea?
Thanks.
You must use the same certificate (wildcard certificate) to all the sub-domains.
First install the certificate on one of the sub-domains, then configure the SSL host headers as described here: http://www.sslshopper.com/article-how-to-configure-ssl-host-headers-in-iis-6.html , this will use the certificate from the first sub-domain to the second one.