Windows
I wouldn’t have wrote this post if my software team was open to install latest version of apache_openssl.
One of our apache server is running on windows. During installation admin got apache-2.2.10_no_ssl installed. For some reason we chose to host web over SSL & not willing to update Apache version. Latest version with ssl support was easiest option, still I am told to use same version.
I am told to use self signed cert as this is for branch communication.
Following is the easiest way i found to integrate ssl support.
Gather supporting exe, dlls & conf
Copy required files (mentioned below) from same version of apache with openssl support.
From here you can download old version of apache.
e.g I am using apache-2.2.10_no_ssl, I need to extract below files from apache-2.2.10_openssl installation.
copy following files from apache_openssl installed folder to apache_no_ssl (basically you need separate machine for apache_openssl installation.)
bin\libeay32.dll
bin\ssleay32.dll
bin\abs.exe
bin\openssl.exe
conf\openssl.cnf
Apache configuration
In httpd.conf uncomment following lines.
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
Changes in httpd-ssl.conf
SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.cert"
change DocumentRoot "c:\YOUR_WEBSITE"
Generate Self Signed Certificate Source
Run following commands from apache 2.2 folder.
cd conf
..\bin\openssl req -config openssl.cnf -new -out server.csr
..\bin\openssl rsa -in privkey.pem -out server.key
..\bin\openssl x509 -in server.csr -out server.cert -req -signkey server.key -days 365
Restart apache and verify working https.
Linux
yum install mod_ssl
service httpd reload / restart
When I started this post, had no intention to include Linux mod_ssl installation, though included if by chance I encourage windows admin to support Linux too. Have seen few win admins who prefers windows only.