
11/18/2015 XAMPP: SSL Encrypt the Transmission of Passwords with https

Rob's Notebook

XAMPP: SSL Encrypt the Transmission of Passwords with https
Rob July 15th, 2007

This article is part of a series of articles about making XAMPP more secure. See the overview page for all the
security measures.

If you don't have encryption enabled on a password-protected folder, the password will be sent in cleartext,
meaning that it can be seen by anyone using a network sniffer. It is a good idea to encrypt the transmission of
these passwords. There are 2 steps to this process: first we need to create SSL certificates, and then we need to
make sure that the password-protected pages are only accessed with encryption. It's also a good idea to import
your certificates into any browsers on all machines that you plan to use to access your server, otherwise you'll
get a warning about an untrusted certificate authority.

Create SSL Certificate and Server Private Key
In order to enable the encryption of your password, you must create an SSL certificate (containing your public
key) and a server private key. XAMPP provides a default certificate/key that can be used, but it is better to
create a new one since the default key is available to anyone who downloads XAMPP. If someone knows your
key, they can decrypt your packets.

XAMPP provides a batch file for creating a new certificate/key with random encryption keys. To execute this
batch file, do the following:

1. Open a command window (Start > Run, type cmd and press OK)
2. cd c:\xampp\apache
3. makecert

You will then see this:
C:\xampp\apache>newcert
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
............................++++++
.....................................++++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:

Enter in a passphrase for decrypting your private server key, and press Enter. The characters are not displayed
as you type. Write down this passphrase so you don't forget it. Now you will be asked to verify it:

http://robsnotebook.com/xampp-ssl-encrypt-passwords 1/19

Verifying - Enter PEM pass phrase:

Enter your passphrase a second time and hit Enter. Now, you'll see this:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:

Enter in your 2 letter country code. You'll be asked for a few more items (shown below). Enter what you
think is most appropriate, but stop when you are asked for Common Name:
State or Province Name (full name) [Some-State]:NY
Locality Name (eg, city) []:New York
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Rob's Great Company
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:

For Common Name, you need to enter in the DNS name or IP address of your website. The name that you
enter in here will need to match the server name that is entered into the browser that is accessing the page. It is
important that this common name match the address that goes into a browser, otherwise you will get
extra warnings when navigating to your secure web pages. If you are running this website over the public
internet on an IP address that changes sometimes, you can use a Dynamic DNS service such as dyndns.org to
get a free domain name that always points to your server. After you enter in the Common Name, you are
asked for more information. Fill in what you think is appropriate, but it is OK to just hit ENTER to accept the
defaults. Eventually, you will be asked for the passphrase for privkey.pem:

Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Enter pass phrase for privkey.pem:

Enter the passphrase that you created earlier, and now you will see this:

writing RSA key
Loading 'screen' into random state - done
Signature ok
subject=/C=xx/ST=xx/L=xxxx/O=xxx/CN=commonname
Getting Private key

-----
Das Zertifikat wurde erstellt.
The certificate was provided.

Press any key to continue . . .

C:\xampp\apache>

You are now finished creating your SSL certificate and private key. The makecert.bat script will move your
server private key and certificates into the appropriate directories for you.

Import the certificate into the browser for each client

Since this certificate is self-signed, and is not signed by a well-known Certificate Authority (CA), when you
browse to the protected pages you'll get a warning. To turn off this warning, the certificate should be imported
as a trusted CA into any browsers that you will use to access your server.

Importing the certificate into IE 7

Here are the steps to import the certificate into IE 7:

Tools > Internet Options
Content Tab > Certificates Button
Trusted Root Certification Authorities Tab > Import Button

Now you'll see the Certificate Import Wizard
Click Next
Provide file name: c:\xampp\apache\conf\ssl.crt\server.crt
Click Next
Leave default to Place all Certificates in Certificate store: Trusted Root Certification Authorities, and click Next
Click Finish

Importing the certificate into Firefox 2:

Here are the steps to import the certificate into Firefox 2:

Tools > Options
Advanced > Encryption Tab > View Certificates Button
Authorities Tab > Import Button
Select file: c:\xampp\apache\conf\ssl.crt\server.crt, and click Open
Check Trust this CA to identify web sites
Click OK
Click OK in Certificate manager
Click OK in original Options window to get back into Firefox

Edit Apache config for encryption-only access to password-protected
folders.
Now we will instruct Apache to access the password-protected folders with SSL encryption exclusively. This is
done in 2 steps. First, we set up the Apache config files for these folders to say they can only be accessed with
SSL encryption. Next, we redirect any http traffic to these pages to https (this is optional).

Make folders accessible with SSL encryption only

First, we need to inform Apache that the folders you want to encrypt should always use encryption (and
never go in the clear). This is accomplished by putting an SSLRequireSSL directive inside of each desired
<Directory> listing in the config files (it is OK to put it at the end, just before the </Directory>). The red text
below shows what to do.

Alias /web_folder_name "C:/xampp/foldername"
<Directory "C:/xampp/foldername">
    ...
    ...
    SSLRequireSSL
</Directory>

I suggest doing this for the following folders (if you still have them):

Config File: c:\xampp\apache\conf\extra\httpd-xampp.conf
    c:\xampp\phpmyadmin
    c:\xampp\htdocs\xampp
    c:\xampp\webalizer
    c:\xampp\security\htdocs
Config File: c:\xampp\webdav
    c:\xampp\webdav
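
A way to check the result of this step, as an added example that is not part of the original article: a short Python script that scans Apache config text for <Directory> blocks that use password protection (an AuthType directive, or AllowOverride AuthConfig/All, which lets a .htaccess file add one) but have no SSLRequireSSL. The sample config and all function names are constructed for illustration and are not XAMPP's own files.

```python
import re

# Constructed sample in the style of httpd-xampp.conf (not XAMPP's real file).
SAMPLE_CONF = '''
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
    SSLRequireSSL
</Directory>

Alias /webalizer "C:/xampp/webalizer/"
<Directory "C:/xampp/webalizer">
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_auth_basic.c>
    <Directory "C:/xampp/security/htdocs">
        AuthType Basic
        AuthName "admin area"
        Require valid-user
        # SSLRequireSSL
    </Directory>
</IfModule>

<Directory "C:/xampp/htdocs/public">
    Options Indexes
</Directory>
'''

# Plain <Directory path> sections only; the regex form (<Directory ~ ...>) is skipped.
OPEN_RE = re.compile(r'^<Directory\s+"?([^">]+)"?\s*>$', re.IGNORECASE)
CLOSE_RE = re.compile(r'^</Directory\s*>$', re.IGNORECASE)


def directory_blocks(conf_text):
    """Yield (path, [directive lines]) for each <Directory> section."""
    path, body = None, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith('#'):
            continue  # blank lines and comments (a commented-out directive is inactive)
        opened = OPEN_RE.match(line)
        if opened:
            path, body = opened.group(1).strip(), []
        elif CLOSE_RE.match(line):
            if path is not None:
                yield path, body
            path = None
        elif path is not None:
            body.append(line)


def uses_passwords(directives):
    """True if the section asks for a login or lets a .htaccess file do so."""
    for directive in directives:
        words = directive.lower().split()
        if words[0] == 'authtype':
            return True
        if words[0] == 'allowoverride' and {'authconfig', 'all'} & set(words[1:]):
            return True
    return False


def has_ssl_require(directives):
    return any(d.split()[0].lower() == 'sslrequiressl' for d in directives)


def missing_ssl(conf_text):
    """Paths of password-protected sections that can still be reached over plain http."""
    return [path for path, body in directory_blocks(conf_text)
            if uses_passwords(body) and not has_ssl_require(body)]


if __name__ == '__main__':
    for path in missing_ssl(SAMPLE_CONF):
        print('password-protected but no SSLRequireSSL:', path)
```

The script only looks at <Directory> sections of the text it is given, so protection configured in <Location> sections or in other included files has to be checked separately.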

Redirect http to https for certain folders

This next optional step is to redirect http requests to https requests for the pages we want to secure. This is
more user friendly and allows you to still use http when you type in the address (and automatically switch to
https:// and encryption). If you don't do this, and you used SSLRequireSSL, you will only be able to access
these pages by typing https://. This is fine and probably a little bit more secure, but is not so user friendly. To
accomplish the redirection, we will use mod_rewrite so that we don't have to use the server name in this part of
the config file. This helps keep small the number of places in the config files where the server name is written
(making your config files more maintainable).

First, we need to make sure that mod_rewrite is enabled. To do this, edit c:\xampp\apache\conf\httpd.conf and
get rid of the comment (# character) in this line:

#LoadModule rewrite_module modules/mod_rewrite.so

to make it look like this:
LoadModule rewrite_module modules/mod_rewrite.so

Now, paste the following text into the top of c:\xampp\apache\conf\extra\httpd-xampp.conf:
<IfModule mod_rewrite.c>
RewriteEngine On

# Redirect /xampp folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} xampp
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# Redirect /phpMyAdmin folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} phpmyadmin
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# Redirect /security folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} security
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# Redirect /webalizer folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} webalizer
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]
</IfModule>

If you have other folders you want to redirect to https://, add the generic text below (but substitute your folder
name):
# Redirect /folder_name folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} folder_name
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]
If you are going to host a webdav server, it is probably best to not have this redirection and to just require
https://. This way, people can only use https:// when addressing your webdav folder. I tried using redirection for
a webdav server and giving http:// in both XP and Mac OS X, and it didn't work when encryption is required.

One thing to keep in mind with this redirection is that if you have virtual hosts, you need to place the redirection
code (with the RewriteCond and RewriteRule) inside of your virtual host declarations, otherwise the redirection
won't work.


75 Comments
1. Rob Oudendijk on 01 Nov 2007 at 12:11 am

Your article about the SSL certificate on Xampp saved my day.

thanks
regards Rob Oudendijk

2. sherifsakr on 05 Dec 2007 at 3:19 am

Great thank you very much.

3. FeArX on 17 Dec 2007 at 8:15 pm

Hey! This is a great tutorial! =D Can you make one like this but using other certification authorities? like
Verisign? Thanks

4. areen on 31 Mar 2008 at 8:07 am

Wow! That was a really great tutorial after all!

thank u..
ngeee :D

5. Hung Dinh on 24 Apr 2008 at 11:29 am

this is a very useful article. Thank you. I solve my problem for class project.

6. Daniel on 01 May 2008 at 12:59 am

Excellent article! Just what I wanted to know.

7. Ivo Roper on 13 May 2008 at 7:21 pm

Thank you Rob! Another note, folks will likely also want to change entries in apache/conf/extra/httpd-ssl.conf
to reflect your domain, server root, folder permissions and so forth.

8. Nathan Loding on 10 Jun 2008 at 10:11 am

Thank you for the article. This helped me immensely - I have set up HTTPS and certs on an IIS
machine, but never with Apache. Thanks.

9. Chris on 02 Jul 2008 at 6:22 pm

You're a freaking XAMPP king. Many thanks. Seconding the third party/verisign comment from above.

10. pdev on 05 Oct 2008 at 1:14 pm

I am under your spell!
Doing technical documentation myself for over 20 years, I have an eye for errors or docs that tend to over
explain. Not true here!!!!
You obviously know the topic above and beyond any other resource I have been able to find on the net.
Being a Windows whore for many years, I'm slowly making the leap to Apache in hopes of hosting my
own domain.

You're doing the work for me and at the same time, demonstrating in a way that makes it stick in my
head.

All I can say is WOW and Thanks a million times for your efforts.

11. whoami on 28 Oct 2008 at 5:22 am

thanks a lot. Without you my database could've been spoilt by irresponsible peeps. cheers

12. Matthew on 09 Nov 2008 at 8:55 am

Hi there! This is a great tutorial, but I've got a bug in my system & I was hoping someone can tell me
how to fix it. I'm currently using XAMPP win32 version 1.6.8 & my problem is that after running the
makecert command I'm unable to type anything when requested for the passphrase & as a result I can't
proceed. Can anyone help me out with this?

13. Matt on 10 Nov 2008 at 12:17 am

Thank you!

14. jan on 22 Nov 2008 at 5:27 pm

Thank you great explanation

15. arifeko on 24 Nov 2008 at 6:07 am

thax, it's useful

16. Hieu Han on 24 Nov 2008 at 11:21 pm

Many thanks. How I love your tutorial how I love internet

17. Jan Michael Yap on 26 Nov 2008 at 3:48 am

Thank you Mr. Rob

18. confused on 08 Dec 2008 at 10:56 am

I don't get which passphrase gets revealed to others and which stays private?? I don't understand! all I
want is for https:// to work why do they make it so difficult? Where is config file? Where do I add this
stuff? When I follow directions it doesn't work then I go to my site and it says forbidden!

19. ssl certificate with IE browser on 15 Dec 2008 at 9:05 pm

I already do your step I got success with Firefox browser but IE browser, it doesn't works, can you tell
detail about this?

chhivhorng

20. bp on 15 Jan 2009 at 2:50 am

why this step by step, not work with URL with other 80 port??
please

21. Anupam Gupta on 26 Jan 2009 at 6:52 am

Thanks you sir,

that was really helpful,

22. Carmen on 04 Feb 2009 at 10:29 am

Your tutorial is simply the best I could find in all the web.
I didn't understand the last point
One thing to keep in mind with this redirection is that if you have virtual hosts, you need to place the
redirection code (with the RewriteCond and RewriteRule) inside of your virtual host declarations,
otherwise the redirection won't work.
How can I place the redirection code in my host declaration? Where is my host declaration? Because my
redirections seem not to work. Thank you

23. Neven on 12 Mar 2009 at 11:31 am

Hello!
First, i'd like to thank the author for this article, it's absolutely great and helpful.

But i have one question regarding to SSL Certificates.

Does anybody know how to automatically install certificate from server, so i don't need to manually
import it on every browser?
For example, i am building Adobe Flex application, and i am not getting any warnings for untrusted
certificate authority.. of course, my application doesn't work without imported certificate in used browser.

I appreciate any help.

24. faardeen on 18 Mar 2009 at 10:34 am

it's not working for me

the error is as below:

Secure Connection Failed

localhost uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate expired on 12/4/2006 7:11 AM.

(Error code: sec_error_expired_issuer_certificate)

* This could be a problem with the server's configuration, or it could be someone trying to impersonate
the server.

* If you have connected to this server successfully in the past, the error may be temporary, and you can
try again later.

Or you can add an exception

25. Ren on 31 Mar 2009 at 7:32 am

This was SO helpful THX!
One question my vhost dirmanager (http) redirects to vhost dirmanager.ssl (https). How does the
mod rewrite looks like in my case?

26. soft on 05 Apr 2009 at 9:00 am

Hi ppl can someone plz help me? i am stuck at: Edit Apache config for encryption only access to
password protected folders. all the other stuff is done. have i done this right or not.. it does not use https
now :/ here is my httpd-xampp.

RewriteEngine On

# Redirect /xampp folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} xampp
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# Redirect /phpMyAdmin folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} phpmyadmin
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# Redirect /security folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} security
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# Redirect /webalizer folder to https
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} webalizer
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

# XAMPP settings
#

#ScriptAlias /php/ C:/xampp/php/
#Action application/x-httpd-php /php/php-cgi.exe
LoadModule php5_module C:/xampp/apache/bin/php5apache2.dll
AddType application/x-httpd-php-source .phps
AddType application/x-httpd-php .php .php5 .php4 .php3 .phtml

php_admin_flag safe_mode off

SSLRequireSSL

Alias /security C:/xampp/security/htdocs/

php_admin_flag safe_mode off

AllowOverride AuthConfig
Order allow,deny
Allow from all

SSLRequireSSL

Alias /phpmyadmin C:/xampp/phpMyAdmin/

AllowOverride AuthConfig
Order allow,deny
Allow from all

SSLRequireSSL

Alias /webalizer C:/xampp/webalizer/

php_admin_flag safe_mode off

AllowOverride AuthConfig
Order allow,deny
Allow from all

SSLRequireSSL

Alias /contrib C:/xampp/contrib/

php_admin_flag safe_mode off

AllowOverride AuthConfig
Order allow,deny
Allow from all

SSLRequireSSL

# Access restriction via Remote

AllowOverride All
AuthType Basic
AuthName AUTHREMOTETEST
AuthRemoteServer localhost
AuthRemotePort 80
AuthRemoteURL /forbidden/
Require valid-user
#User: user / Password: pass

SSLRequireSSL

# Access restriction via MySQL

AuthMySQLEnable On
AuthName MySQLSecuredPlace
AuthType Basic
require valid-user
AuthMySQLHost localhost
AuthMySQLUser root
# AuthMySQLPassword
AuthMySQLDB webauth
AuthMySQLUserTable user_pwd
AuthMySQLNameField name
AuthMySQLPasswordField pass
AuthMySQLPwEncryption none

27. rahil on 07 May 2009 at 6:38 am

Thank you very much

it is great post it works fine in all browser

28. Fremah on 13 May 2009 at 1:39 pm

Great Post. Worked Perfectly! Thank you so much Rob

29. Jeed on 14 May 2009 at 1:58 pm

Thank you! Great post

30. triki on 24 May 2009 at 4:59 pm

great post, thank you.

31. Anand on 19 Jun 2009 at 11:03 am

Very useful little guide. Thank u so much

32. Ali on 11 Jul 2009 at 6:31 am

Thank you for precious guide

33. Luis Rivera on 04 Aug 2009 at 12:05 pm

Thank you very much!!! It is a great post and it works fine. I'd like to know if the certification file
register step (on the client side) may be automatic.

34. imam on 05 Sep 2009 at 1:06 am

Thanks so much mr rob this information very.. good

35. TM on 16 Sep 2009 at 3:05 am

Nice understandable post. It works!

36. Forbidden Problem Solved on 16 Sep 2009 at 4:08 am

Quote from another forum:

Well, I have solved the above problem just after posting the thread!

The indication was in [Tue Dec 11 12:02:55 2007] [error] [client 10.96.10.10] client denied by server
configuration: /usr/local/apache2/htdocs/

I did not know that SSL needs separate DocumentRoot setting in httpd-ssl.conf! When I change it from
/usr/local/apache2/htdocs/ to /home/web/homepage, it works perfectly!

Now I have a second related question to ask. I want to serve a few folders (e.g. webmail) ONLY under
https, and NOT http. How do I achieve that?

In summary change the document root in httpd-ssl.conf to the one in the httpd.conf too.

37. Basil on 25 Sep 2009 at 9:50 am

Fantastic Rob. Thank you.

38. Iully on 16 Oct 2009 at 2:03 am

I've followed this step but it doesn't work :(. when I access my site from another computer I have just a
attention message. How could I locked site access from other computer using new certificate?

Many thanks,

39. Nomalas on 29 Oct 2009 at 5:42 am

Thanks! Your page is awesome!

40. cindy on 11 Nov 2009 at 11:22 am

your tutorials are really awesome, but i can't make the ssl certificate due to some unknown reason. I can't
enter the PEM password in the beginning, the characters simply won't input. I tried several times,
restarted everything but nothing seems to change.

41. philip on 20 Nov 2009 at 8:34 am

Cindy, just type in your password, you won't see the characters, but your password will be inputted!

42. hdlk on 12 Dec 2009 at 2:35 am

Could anyone explain to me how to secure folder inside htdoc because i tried many times but it does not
work especially when i use SSLRequireSSL

Thank you

43. Need to create a HTTPS site from home.. Digital World Cable Satellite Console Forum on 12 Dec 2009
at 8:27 pm

[] Need to create a HTTPS site from home.. this is how to change the password in xampp XAMPP:
SSL Encrypt the Transmission of Passwords with https __________________ Guns don't kill people,
people kill []

44. Doanminhgiang on 09 Jan 2010 at 9:50 pm

Thanks a lot!

45. Chairline on 12 Jan 2010 at 2:58 pm

Hi,

The xammp successfully works and I have done all those configuration except the SSL. When I click
Start run cmd the c:\xampp\apache did not show, instead c:\Documents and Setting\myname

Pls. advise. thanks
Did I miss something? Pls help. I am a newbie.

46. bangjampang on 25 Jan 2010 at 1:00 am

hi bro, i just tried your tutorial and it's work fine for me, so i just want to say a lot of big thanks for your
tutorial. you have save my time bro, thanks bro keep up the good work thanks

47. Roberto Rdguez Glez on 03 Feb 2010 at 9:41 am

Hello, this article really is wonderful. Thanks for everything; I had been looking for something like this
for a long time and it worked perfectly for me, but I have one problem.
When I follow all the steps the server generates one SSL certificate for one site; I would like to generate one
for each site.
If you can help me I would be grateful.
Regards

48. aries on 08 Feb 2010 at 4:52 am

Hello everybody, I am setting up a development environment using XAMPP 1.7.3 on Windows 7 for my
school project. I have already created a self-signed CA, Server and Client certificates and installed the
same to IE and Firefox. The CA and Server certificates are working fine. The problem is when I activate
the client certificates:
SSLVerifyClient require
SSLVerifyDepth 2)
I get the following error messages:
Secure Connection Failed
An error occurred during a connection to http://www.buwbcs.com.
SSL peer was unable to negotiate an acceptable set of security parameters.
(Error code: ssl_error_handshake_failure_alert)
What is the possible reason for this error?
IE displays the list of client certificates to select from but Firefox does not.

My httpd.ssl.cnf configuration is as follows:

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog builtin
SSLSessionCache dbm:logs/ssl.scache
SSLSessionCacheTimeout 300
SSLMutex default

DocumentRoot /project/htdocs
ServerName http://www.buwbcs.com:443
ServerAdmin webmaster@buwbcs.com
ErrorLog logs/error.log

CustomLog logs/access.log combined

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl.SERVER/bu_SERVER.crt
SSLCertificateKeyFile conf/ssl.SERVER/bu_SERVER.key
SSLCertificateChainFile conf/ssl.CA/bu_CA.crt
SSLCACertificatePath conf/ssl.CA
SSLCACertificateFile conf/ssl.CA/bu_CA.crt

SSLVerifyClient require
SSLVerifyDepth 2

SSLOptions +StdEnvVars

SSLOptions +StdEnvVars

BrowserMatch .*MSIE.* nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request.log %t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \%r\ %b

Any help in analyzing these and ideas to solve this problem will be highly appreciated.

Thank you in advance.

Aries

49. charis on 04 Mar 2010 at 7:29 pm

thank you so much!

50. stiffree on 10 Mar 2010 at 4:34 pm

So good! Thanks a lot!

51. tc on 19 May 2010 at 1:33 am

Thanks for the tut.
I think the fact that the passphrase doesn't get displayed on the cmd line should be clearly stated.

Cheers

52. tc on 19 May 2010 at 1:34 am

##Thanks for the tut.
I think the fact that the passphrase doesn't get displayed on the cmd line should be clearly stated.

Cheers

53. angelo55 on 05 Jun 2010 at 12:46 pm

This is a very very good article!!!. Thank you.

54. Jon on 23 Jul 2010 at 4:06 pm

This is a really good guide, wayyyyy impressed, but i'm stuck at Edit apache config for encryption only
access part.

What directory and filename in apache do we edit? Is it /conf/httpd.conf?
and what's the
Alias /web_folder command do?

55. dcesar on 24 Jul 2010 at 11:36 pm

amazing, thank you a lot!!!

56. Mohamed Dawaina Sulaiman on 27 Jul 2010 at 7:21 am

Help how to create a simple OCSP server?

57. Peppi on 03 Sep 2010 at 3:18 am

Ok for all of you that were getting blank pages, remember that you are moving from http to https and
therefore are moving from port 80 to port 443 if you are doing this on a home server make sure you port
forward all requests on port 443 to your server or your router's firewall will block it. Oh you'll also have
to open a port on the windows firewall if you are even using it. Hope this helped someone out there.

58. ariden on 08 Sep 2010 at 8:55 am

Thanks for this great tutorial

59. Adan on 20 Sep 2010 at 1:43 pm

How to create new SSL certificate???? I want to replace old one.

60. How to configure SSL for virtual host. Drija on 18 Nov 2010 at 4:04 am

[] did the configuration changes as suggested by: http://robsnotebook.com/xampp-ssl-encrypt-passwords
and it seems like working fine. But still when I type in with myservername.com it redirects to
[]

61. afzar on 04 Jan 2011 at 9:50 pm

How do i reset my localhost root user username and password. I cannot remember it and lost the
paperwork!! Please help!!

62. Ian on 04 Mar 2011 at 8:14 pm

Works exactly as documented in this post. Brilliant!

63. slow on 15 Mar 2011 at 4:55 pm

Hi. When i try to Create SSL Certificate and Server Private Key I get this error:

x:\Documents and Settings\xxxx>E:\xampp\apache\makecert.bat
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
Could Not Find C:\Documents and Settings\xxxx\.rnd
Could Not Find C:\Documents and Settings\xxxx\privkey.pem
Could Not Find C:\Documents and Settings\xxxx\server.csr
The system cannot find the file specified.
The system cannot find the file specified.

Das Zertifikat wurde erstellt.
The certificate was provided.

Press any key to continue . . .
>>

Doing this:
Run, type cmd and press OK)
cd c:\xampp\apache
makecert
>>
does nothing. I replaced the c with e
Any idea?
Thanks.

64. OSCAR on 29 Mar 2011 at 11:04 pm

THANKS FOR YOUR TUTORIAL, IT IS VERY GOOD

65. Anan on 17 May 2011 at 5:24 am

Great Job

66. Jon on 11 Jun 2011 at 10:57 am

It works ok for me until the last step. When I start the batch file, privkey.pem appears in c:\xampp and then
when I type the last passphrase, it disappears. I did a search of the whole xampp folder tree and no pem
files!

The tutorial says the makecert.bat script will move your server private key and certificates in the
appropriate directories but what are the appropriate directories. They are not in the xampp path for sure!

67. Andrea on 29 Jun 2011 at 2:13 am

fantastic, work it with apache 2.X on xampp
thanks

68. Kostis on 03 Jul 2011 at 5:49 pm

Great post. Really useful and accurate. However, I have a problem. When i open my index page, it opens
in http. When a go to login form, it opens with https. The problem is that after that, when I return to the
homepage, the https remains. If someone can propose something, I would appreciate it. THANK YOU.
Congratulations again.

69. nikki on 19 Sep 2011 at 3:53 am

Hello,
I am trying to redirect http to https. I successfully followed the steps to create SSL Certificate as per
this website:
However, it seems that it didn't work. I am still getting the following error messages:
For IE browser:
There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.

For Firefox browser:
This website does not supply ownership information.

Do I need to buy SSL Certificates?
Appreciate your suggestions.

Thanks.

70. nikki on 19 Sep 2011 at 3:56 am

Hello,
I am trying to redirect http to https. I successfully followed the steps to create SSL Certificate as per
this website:
However, it seems that it didn't work. I am still getting the following error messages:
For IE browser:
There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.

For Firefox browser:
This website does not supply ownership information.

Do I need to buy SSL Certificates?
Appreciate your suggestions.

Thanks.

71. MYH on 08 Oct 2011 at 7:07 pm

Great tutorial! Thanks.

72. marcos on 09 Jun 2012 at 9:16 pm

The best tutorial ever!! You saved my assss!!!!!!!

73. satyam on 23 Jun 2012 at 5:15 pm

Every tutorial of yours is so easy to understand and simply great.. keep it up and god bless you!!

74. sc on 07 Aug 2012 at 6:11 am

Reply to Nikki:
cert is different from webpage.
it didn't work to use reload button.
u need to close web browser and open a new one.

75. sc on 07 Aug 2012 at 6:14 am

reply to slow:
ur path did not change to e: successfully.

Copyright 2015 http://robsnotebook.com