Godaddy Wildcard Install with pre-existing wildcard
Posted by: PfrancoIT (---.hfc.comcastbusiness.net)
Date: July 22, 2019 04:56PM

Hello All,
I've been using the WAMP stack for years and have always been able to find answers ... This one has me stumped as I've never run into this.

I currently have a valid wildcard cert for the ORG I work for which we use for all servers .. Can someone walk me through as to what I'm doing wrong with the cert install .. To my knowledge I do not need to generate a CSR as I already have the cert etc ... My understanding is a new CSR is for a new cert .. (I could be wrong).

I have 3 files which I've downloaded.
Added XXX to filenames.

aed2b0bxxxxxxxx.crt
aed2b0bxxxxxxxx.pem
gd_bundle-g2-g1.crt

I actually followed a guide for self signed on the server itself which works fine but we need it to use our wildcard ...

After setting up the self signed I went to try and use our wildcard by editing the httpd-ssl.conf.

Once I edit the lines for the SSL the server will not start ...

Here is the working version with the self signed OpenSSL. I've removed the commenting and just left the lines.

<--------------------------------------------------------------------->
# Server Certificate:

SSLCertificateFile "D:/wamp64/bin/apache/apache2.4.35/conf/key/certificate.crt"


# Server Private Key:
SSLCertificateKeyFile "D:/wamp64/bin/apache/apache2.4.35/conf/key/private.key"
<--------------------------------------------------------------------->

And here is what I changed to that results in Apache start failure .
I have also tried using both aed2b0bxxxxxxxx.crt and gd_bundle-g2-g1.crt as well as both aed2b0bxxxxxxxx.pem and aed2b0bxxxxxxxx.key
<--------------------------------------------------------------------->
# Server Certificate:

SSLCertificateFile "D:/wamp64/bin/apache/apache2.4.35/conf/key/aed2b0bxxxxxxxx.crt"


# Server Private Key:
SSLCertificateKeyFile "D:/wamp64/bin/apache/apache2.4.35/conf/key/aed2b0bxxxxxxxx.pem"
<--------------------------------------------------------------------->

---------------------------------------------------------------------------------------

Here is my SSL error log using .KEY
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] AH02577: Init: SSLPassPhraseDialog builtin is not supported on Win32 (key file D:/wamp64/bin/apache/apache2.4.35/conf/key/aed2b0bbfd79a471.key)
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] AH02564: Failed to configure encrypted (?) private key localhost:443:0, check D:/wamp64/bin/apache/apache2.4.35/conf/key/aed2b0bbfd79a471.key
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSA)
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon Jul 22 10:59:18.613458 2019] [ssl:emerg] [pid 7060:tid 652] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)

And here is the result using .PEM

[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] AH02577: Init: SSLPassPhraseDialog builtin is not supported on Win32 (key file D:/wamp64/bin/apache/apache2.4.35/conf/key/aed2b0bbfd79a471.pem)
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] AH02564: Failed to configure encrypted (?) private key localhost:443:0, check D:/wamp64/bin/apache/apache2.4.35/conf/key/aed2b0bbfd79a471.pem
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSA)
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon Jul 22 11:01:06.692959 2019] [ssl:emerg] [pid 2604:tid 656] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)


I apologize for the lengthy post, trying to provide as much detail as possible ... Having a heck of a time so any help or guidance is much appreciated ... Thank you all in advance .. !!

Re: Godaddy Wildcard Install with pre-existing wildcard
Posted by: Otomatic (Moderator)
Date: July 22, 2019 06:27PM

Hi,

Which version of Wampserver do you use?
And, is it a full installation or an update of a previous full version?

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Re: Godaddy Wildcard Install with pre-existing wildcard
Posted by: PfrancoIT (---.hfc.comcastbusiness.net)
Date: July 22, 2019 08:23PM

OTOMATIC, Thank you for replying ...
WampServer Version 3.1.4 64bit
Apache 2.4.35 Port 80- PHP 7.2.10
MySQL 5.7.23 Port 3306
MariaDB 10.3.9 Port 3307
PHP 5.6.38 for CLI (Command-Line Interface)

Full Install out of box ...

Re: Godaddy Wildcard Install with pre-existing wildcard
Posted by: Otomatic (Moderator)
Date: July 22, 2019 08:58PM

Hi,

With Wampserver 3.1.4, there can be unexpected replacements of the dll files (libcrypto-1_1-x64.dll libssl-1_1-x64.dll) in the Apache bin folder with those in the PHP version used.
This can create SSL management problems.
I'm not saying that's the cause of your problem, but it can be.
To avoid this kind of file substitution, you must first update your Wampserver to version 3.1.9 (See the link on the update executable at the end of this message).

After updating to 3.1.9, you will find a folder that contains the original dll files of different versions of Apache:
- wamp64\bin\apache\original_libcrypto_libssl\
and, for your Apache 2.4.35 version, it will be the subfolder :
- wamp64\bin\apache\original_libcrypto_libssl\apache2.4.35_x64\
So you will copy the two dll files in this folder: libcrypto-1_1-x64.dll and libssl-1_1-x64.dll in the bin folder of your Apache version, overwriting the existing files:
- wamp64\bin\apache\apache2.4.35\bin\libcrypto-1_1-x64.dll
- wamp64\bin\apache\apache2.4.35\bin\libssl-1_1-x64.dll

- Verify that all VC ++ packages are installed and with the latest versions.
To do this, use the tool:
Checks VC++ packages installed
Do not use a previously loaded tool. Make a new download to make sure you are using the correct version.
To download missing packages, do not rely on Microsoft links, they are not reliable, download packages on http://wampserver.aviatechno.net in section Visual C++ Redistribuable Packages
Do not forget that if you have a 64 bit Windows, you must install both 32 and 64 bit versions of each package.
You must install each package "as an administrator", so right-click the exe file and then run as Administrator.

- Apply Update 3.1.9 to your version of Wampserver
Wampserver update 3.1.9

Re: Godaddy Wildcard Install with pre-existing wildcard
Posted by: PfrancoIT (---.hfc.comcastbusiness.net)
Date: July 22, 2019 10:19PM

I'll apply the updates and follow the steps ..
For my own reference though, am I following the correct steps as far as the cert and key?
Do I need to generate a CSR even though I have wildcard certs already?
Thanks again in advance .
From my understanding since I have the key and certs from godaddy already I shouldn't need the CSR and should just have to set the pathing to the certs in the httpd-ssl.conf correct ?

Thanks again for your help in advance ..

Re: Godaddy Wildcard Install with pre-existing wildcard
Posted by: Otomatic (Moderator)
Date: July 23, 2019 10:28AM

Hi,

> SSLPassPhraseDialog builtin is not supported on Win32
See : [knowledge.digicert.com]

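The AH02564 lines quoted in this thread show Apache failing to parse the file named in SSLCertificateKeyFile as an unencrypted private key. As an added example (not part of any post in the thread, and not Wampserver or GoDaddy code), this Python script classifies the PEM blocks in a file by their standard labels, separating a certificate, an encrypted key and an unencrypted key; the function names, script name and sample inputs are constructed for illustration.

```python
import re
import sys

# Standard PEM labels -> (description, state). "key" means an unencrypted private key.
PEM_KINDS = {
    "CERTIFICATE": ("certificate", "other"),
    "CERTIFICATE REQUEST": ("certificate signing request", "other"),
    "PRIVATE KEY": ("PKCS#8 private key", "key"),
    "ENCRYPTED PRIVATE KEY": ("PKCS#8 private key", "encrypted-key"),
    "RSA PRIVATE KEY": ("traditional RSA private key", "key"),
    "EC PRIVATE KEY": ("traditional EC private key", "key"),
}
BLOCK_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def classify_pem(text):
    """Return [(description, state)] for every PEM block found in text."""
    found = []
    for label, body in BLOCK_RE.findall(text):
        desc, state = PEM_KINDS.get(label, ("unrecognised block: " + label, "other"))
        # Traditional-format keys flag encryption with a header inside the block.
        if state == "key" and "Proc-Type: 4,ENCRYPTED" in body:
            state = "encrypted-key"
        found.append((desc, state))
    return found

def check_key_file(text):
    """Say whether text could be loaded as a key without a passphrase prompt."""
    blocks = classify_pem(text)
    states = [state for _, state in blocks]
    if not blocks:
        return "no PEM block found"
    if "key" in states:
        return "ok: unencrypted private key"
    if "encrypted-key" in states:
        return "encrypted private key"
    return "no private key: " + ", ".join(desc for desc, _ in blocks)

# Constructed sample inputs: the base64 bodies are placeholders, not real key material.
SAMPLE_CERT = "-----BEGIN CERTIFICATE-----\nY29uc3RydWN0ZWQ=\n-----END CERTIFICATE-----\n"
SAMPLE_KEY = "-----BEGIN PRIVATE KEY-----\nY29uc3RydWN0ZWQ=\n-----END PRIVATE KEY-----\n"
SAMPLE_ENC_KEY = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                  "DEK-Info: AES-256-CBC,00000000000000000000000000000000\n\n"
                  "Y29uc3RydWN0ZWQ=\n-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    # Usage: python check_pem.py <file> [<file> ...]  (script name is hypothetical)
    for path in sys.argv[1:]:
        with open(path, "r", errors="replace") as fh:
            print(path, "->", check_key_file(fh.read()))
```

The check reads only the PEM labels and headers, so it never needs the passphrase and never decodes key material; a file in DER (binary) form reports "no PEM block found".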

