Create SSL Certificate for website in Apache 2.4 and Windows Server

You should follow the steps below to create an ssl certificate of Apache2.4 in Windows Server environment.

Creating the OpenSSL command
The easiest way is to use the website of digicert to get the openssl command that generates the CSR file.

Digicert OpenSSL CSR Wizard: https://www.digicert.com/easy-csr/openssl.htm

An example of the wizard can be seen below.

Digicert OpenSSL CSR Wizard

The command text of the example is the following.
openssl req -new -newkey rsa:2048 -nodes -out www_test_gr.csr -keyout www_test_gr.key -subj “/C=GR/ST=Macedonia/L=Thessaloniki/O=Test GR/OU=Sub Test/CN=www.test.gr”
You may modify the above command to get the OpenSSL command without the use of the wizard.

Get the CSR and KEY files
Open a command line and navigate to the bin folder of the Apache installation. It is where the openssl.exe file resides.

You should copy the above command (“openssl”) and paste it into the command line window. You should get two files, the CSR and the KEY files.

Get the Certificate
Use the CSR content to create the CER or CRT file from your Certificate provider.

Add the Certificate into the httpd.conf file of Apache
Open the httpd.conf file and add the following virtualhost

VirtualHost SSL

ServerName www.test.gr
ServerAlias test.gr
SSLEngine on
SSLCertificateFile “C:/Apache24/FolderOfSSLfile/test_gr_cert.cer”
SSLCertificateKeyFile “C:/Apache24/FolderOfSSLfile/test_gr.key”
SSLCertificateChainFile “C:/Apache24/FolderOfSSLfile/test_gr.csr”

Do not forget to redirect the insecure site to the secure one.

VirtualHost – Redirection

ServerName www.test.gr
ServerAlias test.gr *.test.gr
Redirect “/” “https://www.test.gr/”

(the virtual host redirection should be above the virstual host SSL)

Best regards
Pavlos

Leave a Reply

Your email address will not be published. Required fields are marked *