Open the command prompt and cd to your Apache installations "bin" directory. Usually it would be:
cd "C:\Program Files\Apache Software Foundation\Apache2.2\bin"
To create the SSL certificate we will need the openssl.cnf files location but the default location set by OpenSSL for this file is setup according to a Linux distribution, so we need to fix it for Windows.
We need to setup the Windows environment variable OPENSSL_CONF to point to the openssl.cnf files location. It is usually located in "C:\Program Files\Apache Software Foundation\Apache2.2\conf\openssl.cnf" directory.
So we can set it up by the following command or through the GUI interface:
set OPENSSL_CONF=C:\Program Files\Apache Software Foundation\Apache2.2\conf\openssl.cnf
All files generated from the following commands will reside in "C:\Program Files\Apache Software Foundation\Apache2.2\bin" folder.
Now that we have the environment variable set we need to create a new OpenSSL certificate request using the following command:
openssl req -new -out server.csr
It will ask you some questions and you can safely ignore them and just answer the following questions:
PEM pass phrase: Password associated with the private key you’re generating (anything of your choice).
Common Name: The fully-qualified domain name associated with this certificate (i.e. www.your-domain.com).
Now we need to remove the passphrase from the private key. The file "server.key" created from the following command should be only readable by the apache server and the administrator. You should also delete the .rnd file because it contains the entropy information for creating the key and could be used for cryptographic attacks against your private key.
openssl rsa -in privkey.pem -out server.key
Now we need to set up an expiry date, it could be any time of your choice, we use 365 days below:
openssl x509 -in server.csr -out server.cert -req -signkey server.key -days 365
We have the Self-signed SSL certificates ready now. Now We need to MOVE the "server.cert" and "server.key" file to the
"C:\Program Files\Apache Software Foundation\Apache2.2\conf" location.
Open CSR file with Notepad or Wordpad, copy all and paste into this tool can test CSR is valid and accurate or not: https://cryptoreport.websecurity.symantec.com/checker/views/csrCheck.jsp
Copy the entries of CSR file and send it to VietNamHost , or paste it to the online SSL order screen on VietNamHost website.
After you receive your SSL Certificate from VietNamHost, you can install it.
See Apache on Windows Server SSL Installation Instructions.
