Migrate SSL certs from IIS to Apache


Migrating away from IIS feels like taking a breath of air on a cool, crisp morning - it is thoroughly invigorating and refreshes your entire body^H^H^H^Hserver. Aside from the basic site configuration, the only tricky part is getting the SSL certificates out of IIS and into Apache. As it turns out there are only a few short steps - export the certificate out of IIS, run three commands in DOS and then hook 'em up in your httpd.conf! Pretty easy, as Pete Freitag explains the steps. After doing this for five domains today, I can tell you that it works and is really pretty painless, much less painless than renewing certificates in IIS.

Reasons to use Apache instead of IIS


I've been a web server administrator for many years, typically as a secondary task along side web development, and I'm reminded time after time how much I dislike using IIS, Microsofts web server. As a gift to the universe, here are my reasons for disliking IIS and preferring Apache:

  • SSL management is a pain. When renewing certificates in IIS you have to create a dummy web site and do several side-steps and tangos. With Apache you simply renew the certificate at the certificate authority and replace the file on your server (or paste it into the control panel, if you have one).
  • Clean URLs. Apache comes bundled with a plugin for turning ugly URLs like "http://www.mc-kenna.com/index.php?function=blog&id=5" into "http://www.mc-kenna.com/blog/5". IIS doesn't have one built-in and the addons I've tried have been a bit odd.
  • Configuration files vs registry. Apache uses plain text files for all of the configuration and can load files from any directory you might have on the server, so that...
    • you can keep your site's configuration nestled within your site's codebase (outside of the publicly accessible directory structure, of course) for revision management;
    • it makes it easy to write scripts to create new sites as they're all very much the same;
    • you can more easily find the setting you want to change.

    With IIS 6 (and older) you use a GUI tool that updates registry settings - not very script or revision management friendly and at times difficult to get around.

It is worth noting at this point that the upcoming IIS 7, bundled as part of Windows Server 2007 aka "Longhorn", will use text files for configuration, I guess they finally saw the benefit of doing it this way.

The way I see it there's one reason to use IIS over Apache:

  • You need to use ASP or .NET.

otherwise you should use Apache.

Apache log rotation on Windows (update)


Way back when I wrote how to do log rotation for Apache on Windows. Well, as it turns out there's a better way that is available with the recent discover of ApacheLounge.org - there's a module/plugin for Apache that can do log rotation automagically called mod_log_rotate that'll be easier to use and won't leave tonnes of zombie tasks running if you restart Apache. Much nicer.

Apache commercial support


Many corporations require that all software used have a commercial support structure available to cope with worst-case scenarios. Typically many open-source applications in use today don't have support available from the core development team, and the ubiquitous Apache HTTPd web server is no different. To the rescue is the company Covalent who can provide not only support for several of the Apache products but also make a customized bundle available of Apache HTTPd, Tomcat and several other applications. Obviously this support is not going to be free, but if you need it they're worth giving at try.

Goldberg - turn-key user auth & CMS for Rails


One of Rails' most commonly mentioned faults is the lack of a turn-key user authentication & content management system as part of the standard install. While a good point, there are a number of open-source projects that have stepped up to the plate to fill this gap. After looking around for some time I've found one which I suspect I'll be using often: Goldberg. Though not the most feature rich, Goldberg does the basics well - user authentication, user access controls, a basic CMS for handling static pages, which is all wrapped up in an easily extensible structure. Well worth trying out.


Subscribe to Front page feed