The mod_ssl module in Apache allows you to secure the web server with SSL or TLS encryption. This article will show how to enable mod_ssl in apache to ensure the your website handles secure HTTPS connections.

Prerequisites

• Apache HTTP Server.
• Administrative privileges on the Windows system.
• A valid SSL certificate.

Steps to Enable mod_ssl in Apache

Step 1: Locate the Apache Configuration Directory

Initially, locate the directory in which Apache is set up. On Windows, Apache is typically installed by default in C:\Apache24\. This path may vary based on how your installation is configured.

Step 2: Enable mod_ssl

• Open the Apache Configuration File:

Navigate to the conf directory inside your Apache installation directory. Locate the httpd.conf file and open it with a text editor such as Notepad.

C:\Apache24\conf\httpd.conf

• Load the mod_ssl Module:

In the httpd.conf file, look for the following lines and ensure they are uncommented (remove the # at the beginning of the lines if present):

LoadModule ssl_module modules/mod_ssl.so

• Include the SSL Configuration File:

Still in the httpd.conf file, find and uncomment the following line to include the SSL configuration file:

Include conf/extra/httpd-ssl.conf

Step 3: Configure SSL

• Open the SSL Configuration File:

Navigate to the extra directory inside your Apache configuration directory and open the httpd-ssl.conf file with a text editor:

C:\Apache24\conf\extra\httpd-ssl.conf

• Set Up Your SSL Certificate:

find ssl certificagte and ok in httpd-ssl.conf file. generate self-signed cerificate for testing purpose and see that the private file and ssl certificate point this paths.

SSLCertificateFile "C:/Apache24/conf/ssl.crt/server.crt"
SSLCertificateKeyFile "C:/Apache24/conf/ssl.key/server.key"

Step 4: Generate a Self-Signed Certificate (Optional)

• To test generate a self signed certificate if not have a valid SSL certificate.

cd C:\Apache24\bin

• To create a self-signed certificate, run the following OpenSSL command and enter the required data as directed.

openssl req -new -x509 -days 365 -nodes -out "C:\Apache24\conf\ssl.crt\server.crt" -keyout "C:\Apache24\conf\ssl.key\server.key"

Step 5: Update Virtual Hosts Configuration

In the httpd-ssl.conf file, ensure the VirtualHost configuration is set correctly. Modify the <VirtualHost _default_:443> block as needed:

<VirtualHost _default_:443>
    DocumentRoot "C:/Apache24/htdocs"
    ServerName www.example.com:443
    SSLEngine on
    SSLCertificateFile "C:/Apache24/conf/ssl.crt/server.crt"
    SSLCertificateKeyFile "C:/Apache24/conf/ssl.key/server.key"
    <Directory "C:/Apache24/htdocs">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Step 6: Restart Apache

After making these changes, restart the Apache server to apply the configuration

• Open a command prompt with administrative privileges.

• Stop the Apache server:

httpd -k stop

• Start the Apache server:

httpd -k start

Step 7: Test Your Configuration

In browser, go to https://localhost. You should be able to view the default Apache welcome page over a secure connection if everything is configured correctly.

Conclusion

We have successfully enabled and configured mod_ssl in Apache on a Windows system. This setup allows you to serve your website over HTTPS, ensuring that the data transmitted between your server and clients is encrypted. Remember to replace the self-signed certificate with a valid one from a trusted Certificate Authority for production use. Regularly update and maintain your SSL certificates to keep your site secure.