Here are a few notes, that might help a few out there who face difficulties to configure apache server on https and as a reverse proxy on their windows ( windows7 ) development machine.

Generate your server certificate

download openssl (or download apache 2 with openssl built-in, cf below) and issue the following commands:

openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out server.key 1024

pick a passphrase

openssl rsa -in server.key -out server.pem
openssl req -days 3650 -new -key server.key -out server.csr
openssl x509 -req -in server.csr -signkey server.key -out server.crt

The SSLPassPhraseDialog is a directive within the Apache httpd.conf or ssl.conf that is not supported by Windows
Windows user will need to remove the encryption from the RSA private key (while preserving the original file):

  • Make a copy of the private key and call it ``''

  • Use the OpenSSL command to remove the passphrase such as;

openssl rsa -in -out server.key

server.key will be your new private key with the passphrase removed.

Install apache with mod_ssl
  • install apache 2 with openssl support built-in

    • Note for windows user: in the non default dir (not program files) with no space or any funky character

  • update httpd.conf :

    • uncomment line : "LoadModule ssl_module modules/"

  • update ssl.conf :

    • delete the <IfDefine ssl> tags

    • The SSLPassPhraseDialog is a directive within the Apache httpd.conf or ssl.conf that is not supported by Windows, windows users will need to comment out the line ’SSLPassPhraseDialog builtin’

  • copy the generated server.key file (see above) under conf/ssl.key/server.key

  • copy the generated server.crt file (see above) under conf/ssl.crt/server.crt

as expected in the ssl.conf file

SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
  • Restart you apache server/service


You may face windows firewall issue, workaround run apache.exe as an administrator
Here are also some other interesting tutorials:

You may use openssl to diagnose issues

openssl s_client -connect http://your.machine:443
Install apache as a reverse proxy

In httpd.conf:

  • uncomment

    LoadModule proxy_module modules/
    LoadModule proxy_connect_module modules/
    LoadModule proxy_http_module modules/
  • add

    ProxyPass / http://your.proxied.server:port/
    ProxyPassReverse / http://your.proxied.server:port/
    ProxyPreserveHost On
  • Restart you apache server/service