Apache

 
 
Apache is a powerful and flexible HTTP/1.1 compliant web server. Originally designed as a replacement for the NCSA HTTP Server, it has grown to be the most popular web server on the Internet. As a project of the Apache Software Foundation, the developers aim to collaboratively develop and maintain a robust, commercial-grade, standards-based server with freely available source code.

The Apache HTTP Server is distributed at no charge for commercial or non-commercial use. For more information read the LICENSE.txt file.

Apache can be used with Microsoft Windows. The Apache HTTP Server Version 2.0 runs under Windows NT, Windows 2000 and Windows XP. You should download the version of Apache for Windows with the .msi extension. This is a single Microsoft Installer file containing Apache, ready to install and run.

The latest Apache HTTP Server version can be downloaded from: http://httpd.apache.org/
The latest Apache 1.3 documentation can be found at: http://httpd.apache.org/docs/1.3/
The latest Apache 2.0 documentation can be found at: http://httpd.apache.org/docs/2.0/
The latest Apache 2.2 documentation can be found at: http://httpd.apache.org/docs/2.2/

rss feed






Installing Apache 2 and SSL on Windows XP



Information
none

Operating system used
Windows XP Home Edition Version 5.1 SP 2

Software prerequisites
Apache 2.0.49
Create certificate signed by your own CA and private key or Create self signed certificate and private key


Procedure
  1. Lets assume you have two websites www.abcxyz.com and www.mobilefish.com. Data transmitted to www.mobilefish.com must be secured when needed as well as unsecured. Website www.abcxyz.com does not need to be secured.

    IP URL SSL
    192.168.1.100 http://www.mobilefish.com no
    192.168.1.100 https://www.mobilefish.com yes
    192.168.1.100 http://www.abcxyz.com no


  2. To serve your webpages by Apache, first create two DocumentRoots from which you will serve your web pages. As an example, create the following directories:

    • c:\mobilefish_web (for www.mobilefish.com)
    • c:\abcxyz_web (for www.abcxyz.com)

    and put all your webpages in their respective directories.

  3. To setup SSL for Apache 2 you can use the mod_ssl module.
    Download mod_ssl module for Apache 2: modssl2049.zip

    Note: You CANNOT use the mod_ssl module for Apache 1.3.x which can be found at: http://www.modssl.org

  4. Download and unzip modssl2049.zip to a directory, for example: C:\Tools\modssl2049

    This zip file contains the following files:
    • mod_ssl.so
    • readme.txt
    • openssl.exe (This executable will not be used.)
    • libeay32.dll
    • ssleay32.dll

  5. Copy the files ssleay32.dll and libeay32.dll to c:\WINDOWS\system32.

  6. Copy the file mod_ssl.so to C:\Tools\Apache Group\Apache2\modules

    This module provides SSL v2/v3 and TLS v1 support for the Apache HTTP Server. This module relies on OpenSSL to provide the cryptography engine.

  7. Create the directory ssl:
    mkdir c:\Tools\Apache Group\Apache2\conf\ssl



  8. Choose one of the following procedures:

  9. Add and change the following lines in the
    C:\Tools\Apache Group\Apache2\conf\httpd.conf.
    The changes mentioned here are based on the httpd.conf created in the quick guide
    "Host two domains using name-based virtual hosting."

    Listen 80

    LoadModule ssl_module modules/mod_ssl.so

    ServerAdmin [email protected]

    ServerName www.mobilefish.com:80

    DirectoryIndex index.html index.html.var index.shtm index.htm

    NameVirtualHost 192.168.1.100

    <VirtualHost 192.168.1.100:80>
       ServerAdmin [email protected]
       DocumentRoot c:/mobilefish_web
       ServerName www.mobilefish.com
       ErrorLog logs/www.mobilefish.com-error_log
       #TransferLog logs/www.mobilefish.com-access_log
       CustomLog "|c:/weblogs/rotatelogs.exe c:/weblogs/
                www.mobilefish.com-access_%y%m%d.log 86400" combined
       <Directory "c:/mobilefish_web">
           Options +Includes
           AddType text/html shtm
           AddOutputFilter Includes shtm
       </Directory>
    </VirtualHost>

    <VirtualHost 192.168.1.100:80>
       ServerAdmin [email protected]
       DocumentRoot c:/abcxyz_web
       ServerName www.abcxyz.com
       ErrorLog logs/www.abcxyz.com-error_log
       #TransferLog logs/www.abcxyz.com-access_log
       CustomLog "|c:/weblogs/rotatelogs.exe c:/weblogs/
                www.abcxyz.com-access_%y%m%d.log 86400" combined
       <Directory "c:/abcxyz_web">
           Options +Includes
           AddType text/html shtm
           AddOutputFilter Includes shtm
       </Directory>
    </VirtualHost>


    View the updated httpd.conf file with the SSL module enabled.

    Directive Remark
    LoadModule The LoadModule directive links in the library modules/mod_ssl.so and adds the module structure named ssl_module to the list of active modules.


  10. Verify if file c:\Tools\Apache Group\Apache2\conf\ssl.conf exists.
    If not download the ssl.conf file.

  11. Choose one of the following procedures:

    • If you have created a certificate signed by CA and private key, do the following:

      Change the following lines in the file c:\Tools\Apache Group\Apache2\conf\ssl.conf

      <VirtualHost 192.168.1.100:443>
         ServerAdmin [email protected]
         DocumentRoot c:/mobilefish_web
         ServerName www.mobilefish.com
         ErrorLog logs/www.mobilefish.com-secure_error_log
         CustomLog c:/weblogs/www.mobilefish.com-secure_access_log \
               "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
         <Directory "c:/mobilefish_web">
             Options +Includes
             AddType text/html shtm
             AddOutputFilter Includes shtm
         </Directory>
         SSLEngine On
         SSLCertificateFile conf/ssl/mobilefish.com_cert.pem
         SSLCertificateKeyFile conf/ssl/mobilefish.com_key.pem
         SSLCACertificateFile conf/ssl/cacert.pem
      </VirtualHost>


      Directive Remark
      ServerAdmin Email address that the server includes in error messages sent to the client.
      DocumentRoot This directive sets the directory from which httpd will serve files.
      ServerName This directive sets the directory from which httpd will serve files.
      Directory The Directory directive "<Directory>" is included in this example if you want to use Server Side Includes (SSI).
      SSLEngine On This directive toggles the usage of the SSL/TLS Protocol Engine.
      SSLCertificateKeyFile This directive points to the PEM-encoded Private Key file for the server.
      SSLCertificateFile This directive points to the PEM-encoded X.509 Certificate file for the server and optionally also to the corresponding RSA or DSA Private Key file for it (contained in the same file).
      SSLCACertificateFile This directive sets the all-in-one file where you can assemble the Certificates of Certification Authorities (CA) whose clients you deal with. These are used for Client Authentication. Such a file is simply the concatenation of the various PEM-encoded Certificate files, in order of preference. This can be used alternatively and/or additionally to SSLCACertificatePath.


    • If you have created a self signed certificate and private key, do the following:

      Change the following lines in the file c:\Tools\Apache Group\Apache2\conf\ssl.conf

      <VirtualHost 192.168.1.100:443>
         ServerAdmin [email protected]
         DocumentRoot c:/mobilefish_web
         ServerName www.mobilefish.com
         ErrorLog logs/www.mobilefish.com-secure_error_log
         CustomLog c:/weblogs/www.mobilefish.com-secure_access_log \
               "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
         <Directory "c:/mobilefish_web">
             Options +Includes
             AddType text/html shtm
             AddOutputFilter Includes shtm
         </Directory>
         SSLEngine On
         SSLCertificateFile conf/ssl/mobilefish.com_cert.pem
         SSLCertificateKeyFile conf/ssl/mobilefish.com_key.pem
      </VirtualHost>


      Note:
      Mobilefish.com provides a free service to create self-signed SSL certificates online.

      Directive Remark
      ServerAdmin Email address that the server includes in error messages sent to the client.
      DocumentRoot This directive sets the directory from which httpd will serve files.
      ServerName This directive sets the directory from which httpd will serve files.
      Directory The Directory directive "<Directory>" is included in this example if you want to use Server Side Includes (SSI).
      SSLEngine On This directive toggles the usage of the SSL/TLS Protocol Engine.
      SSLCertificateKeyFile This directive points to the PEM-encoded Private Key file for the server.
      SSLCertificateFile This directive points to the PEM-encoded X.509 Certificate file for the server and optionally also to the corresponding RSA or DSA Private Key file for it (contained in the same file).


  12. Verify if the files httpd.conf and ssl.conf are correctly modified:

    C:\Tools\Apache Group\Apache2\bin\apache -t

    You should see the following:

    Syntax OK

  13. Start Apache (apache -k).

  14. In the browser type: https://www.mobilefish.com

  15. Double click the closed lock symbol Secure Key on the Internet Explorer browser.

    • If you have used a certificate signed by CA and private key, you will see the following:
      Unfortunately all text are in ducth.

      Certificate signed by CA General

      Certificate signed by CA Details

      Certificate signed by CA Path

    • If you have used a self signed certificate and private key, you will see the following:
      Unfortunately all text are in ducth.

      Certificate self signed General

      Certificate self signed Details

      Certificate self signed Path