If you don’t have encryption enabled on a password protected folder, the password will be sent in cleartext – meaning that it can be seen by anyone using a network sniffer. It is a good idea to encrypt the transmission of these passwords. There are 2 steps to this process: first we need to create SSL certificates, and then we need to make sure that the password protected pages are only accessed with encryption. It’s also a good idea to import your certificates into any browsers on all machines that you plan to use to access your server, otherwise you’ll get a warning about an untrusted certificate authority.

In order to enable the encryption of your password, you must create an SSL certificate (containing your public key) and a server private key. XAMPP provides a default certificate/key that can be used, but it is better to create a new one since the default key is available to anyone who downloads XAMPP. If someone knows your key, they can decrypt your packets.

XAMPP provides a batch file for creating a new certificate/key with random encryption keys. To execute this batch file, do the following:

Open a command window (Start->Run, type “cmd” and press “OK”).

Loading 'screen' into random state - done
++++++

Enter in a pass phrase for decrypting your private server key, and press Enter. Write down this passphrase so you don’t forget it. Now you will be asked to verify it:

Enter your passphrase a second time and hit Enter.

You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.

Enter in your 2 letter country code. You’ll be asked for a few more items (shown below). Enter in what you think is most appropriate, but stop when you are asked for “Common Name”.

Organization Name (eg, company) :Rob's Great Company
Organizational Unit Name (eg, section) :

For “Common Name”, you need to enter in the DNS name or IP address of your website. The name that you enter in here will need to match the server name that is entered into the browser that is accessing the page. It is important that this common name match the address that goes into a browser, otherwise you will get extra warnings when navigating to your secure web pages. If you are running this website over the public internet on an IP address that changes sometimes, you can use a Dynamic DNS service to get a free domain name that always points to your server.

After you enter in the “Common Name”, you are asked for more information. Fill in what you think is appropriate, but it is OK to just hit ENTER to accept the defaults. Eventually, you will be asked for the pass phrase for privkey.pem:

Please enter the following 'extra' attributes

Enter the pass phrase that you created earlier, and now you will see this:

Subject=/C= xx/ST= xx/L= xxxx/O= xxx/CN= commonname

You are now finished creating your SSL certificate and private key. The makecert.bat script will move your server private key and certificates into the appropriate directories for you.

Import the certificate into the browser for each client

Since this certificate is self signed, and is not signed by a well known Certificate Authority (CA), when you browse to the protected pages you’ll get a warning. To turn off this warning, the certificate should be imported as a trusted CA into any browsers that you will use to access your server.

Here are the steps to import the certificate into IE 7:

Trusted Root Certification Authorities Tab->Import Button
Now you’ll see the “Certificate Import Wizard”
Provide file name: c:\xampp\apache\conf\ssl.crt\server.crt
Leave the default to place all certificates in Certificate store: Trusted Root Certification Authorities, and click Next

Importing the certificate into Firefox 2:

Here are the steps to import the certificate into Firefox 2:

Advanced->Encryption Tab->View Certificates Button
Select file: c:\xampp\apache\conf\ssl.crt\server.crt, and click “Open”
Check “Trust this CA to identify web sites”
Click “OK” in the original Options window to get back into Firefox

Edit Apache config for encryption only access to password protected folders.

Now we will instruct Apache to allow access to the password protected folders with SSL encryption exclusively. First, we set up the Apache config files for these folders to say they can only be accessed with SSL encryption.

Next, we redirect any “http” traffic to these pages to “https” (this is optional).
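
An added example, not from the original page: a small Python check for the goal this page states, that password protected folders can only be reached with SSL. It assumes the restriction is written as mod_ssl's SSLRequireSSL directive inside <Directory> blocks of the Apache config (it does not read .htaccess files); the sample config and its folder paths are constructed placeholders.

```python
import re

# Constructed sample httpd config; folder and password-file paths are
# placeholders, not taken from the page.
# "private" has Basic auth but no SSLRequireSSL; "secure" has both.
SAMPLE_CONF = r'''
<Directory "C:/xampp/htdocs/private">
    AuthType Basic
    AuthName "Private"
    AuthUserFile "C:/xampp/passwords/.htpasswd"
    Require valid-user
</Directory>

<Directory "C:/xampp/htdocs/secure">
    SSLRequireSSL
    AuthType Basic
    AuthName "Secure"
    AuthUserFile "C:/xampp/passwords/.htpasswd"
    Require valid-user
</Directory>

# <Directory "C:/xampp/htdocs/old">
#     AuthType Basic
# </Directory>
'''

# One <Directory ...> ... </Directory> block: group 1 = path, group 2 = body.
BLOCK = re.compile(r'<Directory\s+"?([^">]+)"?\s*>(.*?)</Directory>', re.S | re.I)

def strip_comments(conf):
    """Drop whole-line comments so disabled blocks are not reported."""
    return "\n".join(l for l in conf.splitlines() if not l.lstrip().startswith("#"))

def cleartext_auth_dirs(conf):
    """Return Directory paths that ask for a password without SSLRequireSSL."""
    findings = []
    for path, body in BLOCK.findall(strip_comments(conf)):
        # First word of each non-empty line is the directive name.
        directives = {l.split()[0].lower() for l in body.splitlines() if l.strip()}
        if "authtype" in directives and "sslrequiressl" not in directives:
            findings.append(path)
    return findings

if __name__ == "__main__":
    for path in cleartext_auth_dirs(SAMPLE_CONF):
        print("password protected but reachable over plain http:", path)
```

Any folder the check reports would still accept the password over plain http, which is the cleartext exposure described at the start of this page.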