Another limitation on home ISPs, besides the dynamic IP address, the http default port 80 is blocked.
Using some open port test tools check against my home external IP address, and found out 443, the default https port is still open. So I decide to use the https protocol instead.
This web site is built on top of apache web server, in windows environment. To have apache provide https connections, the apache with ssl support version should be downloaded, and installed first.
- create the site SSL certificate
After installation, at /bin directory of apache, there should be a openssl.exe module. Besides, there is a openssl.conf under /conf folders.
There are three steps to create the certificate.
- create the new key
openssl req –config openssl.conf –new –out ./ssl/best2jj.csr –keyout ./ssl/best2jj.pem
- remove the passphrase from the key(for safety)
openssl rsa -in ./ssl/best2jj.pem -out ./ssl/best2jj.key
- Convert request into signed certificate
openssl x509 -in ./ssl/best2jj.csr -out ./ssl/best2jj.cert -req -signkey ./ssl/best2jj.key -days 365
- install or configure the certificate
modify the http.conf files, change the setting as below,
- enable ssl modules
as uncomment this line, LoadModule ssl_module modules/mod_ssl.so
- enable ssl configurations
as uncomment this line, Include conf/extra/httpd-ssl.conf
- add these lines at the end of the http.conf
SSLRandomSeed startup builtin
- at httpd-ssl.conf, point to the correct certificate and certificatekey files
SSLCertificateFile “the directory to your cert file just now created/best2jj.cert”
SSLCertificateKeyFile “the directory to your key file just now created/best2jj.key”
Restart the server, and test using https://yourServerAddress.