The serverwatch article was very helpful in the setup of ssl on windows, however it is written with Apache 1.3.26 / Mod_SSL 2.8.10 in mind, so I did not achieve complete success with this alone. Oh sure, it seemed successful on the local machine, but when it came to accessing an actual domain name, things changed.
I was getting errors like: (OS10048) Only one usage of each socket address (protocol/network address/port) is normally permitted. :make_sock could not bind to address 0.0.0.0:443 no listening sockets available, shutting down, unable to open logs.
And of course, nothing I tried seemed to work. Adding the ip address in front of the Listen directive just changed the IP address in the error message. Removing the listen 443 directive revealed the next error message: Only one usage of each socket address (protocol/network address/port) is normally permitted. :make_sock could not bind to address 0.0.0.0:80 no listening sockets available, shutting down, unable to open logs.
So, once I had achieved success, I decided to document the process in case I have to do it again and need a memory jogger. I recommend you visit the two sites I used as reference, as they have a lot of useful links.
This document assumes an existing installation of Apache 2.0.xx.
Text taken from the above article is in bold italics.
The system I have running uses Apache 2.0.47 (win32) mod_ssl / 2.0.47 OpenSSL / 0.9.7b. I had Apache 2.0.36 with no SSL prior to this install.
At the time of the writing of this, there is no binary release of apache2 with SSL compiled-in, due to the US authorities limiting export of encryption software. See http://www.apacheweek.com/features/ssl
Before you start
BACKUP your entire Apache directory. Delete all subdirectories and files from your c:\apache folder.
Navigate to http://hunter.campbus.com/ and download the latest Apache2_openssl zip file (Apache_2.0.47-OpenSSL_0.9.7b-win32.zip at time of writing) You will also need a config file, which you can download from http://www.tud.at/programm/openssl.cnf (right click this link and select ôsave target as.. save as openssl.cnfö)
Extract the zip file into your c:\apache directory. Create a directory c:\apache\openssl Now create another directory c:\apache\openssl\bin
Extract/copy openssl.exe to c:\apache\openssl\bin. Extract/copy libeay32.dll and ssleay32.dll to c:\WINNT\system32
To create a test certificate for using SSL, open a command prompt window, enter a change directory command: cd C:\Apache\openssl\bin and then enter the following commands:
Now, from this point, it gets a little weird. This is what I spent 4 days trying to get to workà.
Now, with Apache running, edit your httpd.conf and comment out the Listen 80 directive
Open a command prompt, navigate to your apache/bin directory, then enter the following:
Apache ûD SSL
If there are any problems with your SSL setup, this will show any relevant error messages. If you do not comment out the Listen directive in httpd.conf before running this command, you will get those error messages I referred to earlier.
If you use IfDefine SSL in the ssl.conf (default) and start apache as a service, you need to edit the apache command line in the registry. In this case, the option -D SSL has to be appended to the value of the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Apache2.
Restart your service. You should now have both https and http running.