Many sites claim that WebDav can not be mounted as a network drive using basic authentication in Windows 7. This is not true. In short, Windows 7 only connects to SSL secured WebDav servers that provide a valid certificate. Installing your server's certificate in Windows, marking it as trusted, allows to mount your WebDav share as a network drive. Read more for detailed instructions.
This article describes how to generate and install a proper certificate in Windows 7, so that a WebDav share can be mounted as a network drive. My setup consists of a linux box running CentOS 6 and a Windows 7 machine. I'm using Apache and its mod_dav module for WebDav. In the following we assume that WebDav can be reached at https://dav.example.com/.
Create a Self-Signed Certificate
Apache is configured with a self-signed certificate generated by OpenSSL. In order for Windows to accept this certificate, you need to make sure that the domain name of your server matches the certificate's common name entry (in this case dav.example.com). The following commands create a new self-signed certificate that can be used with Apache1:
# generate a private key > openssl genrsa -aes128 2048 > server.key
# remove password from key file > openssl rsa -in server.key -out server.key
# create a certificate signing request > openssl req -utf8 -new -key server.key -out server.csr # insert your details and choose dav.example.com as common name ... Common Name (eg, your name or your servers hostname) []: dav.example.com
# create certificate and sign it with your private key > openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
Now server.crt contains your new self-signed certificate.
Configure your Web Server
Next, you need to configure your web server to use your new certificate for SSL secured HTTP connections. In Apache, you basically change the path to your new certificate within a VirtualHost block that serves SSL connections2 :
SSLCertificateFile /path/to/server.crt SSLCertificateKeyFile /path/to/server.key
However, there are a lot more options that need to be considered. A detailed explaination would go way beyond the scope of this article. Please make sure that you have set up SSL properly before going on. When SSL is working, your browser should show the certificate in its address bar (see Figure 1).
Install Certificate as Trusted Root Certificate
Finally, we need to install the certificate in Windows 7. Copy the file server.crt to your Windows machine, or download it using Firefox by clicking on the export button in the details tab of the certificate viewer. Right click on the certificate file and click on Install Certificate. The Certificate Import Wizard will open. Select the Trusted Root Certificate Authorities as certificate store (see Figure 2) and finish the installation.
Now, you should be able to add your WebDav share as a network drive. But first, let's check that Windows accepts your certificate. Open the Internet Explorer and type in your sever's URL (e.g. https://dav.example.com/). Ideally, you should see a little lock in the address bar that tells you that Windows trusts your certificate (see Figure 3). Otherwise, your address bar will turn red, and WebDav won't work (see Figure 4).
Mount WebDav Share
Open the Windows Explorer and select Map network drive from the Tools menu. Type in the URL to your WebDav server and append @SSL to the host name:
\\dav.example.com@SSL\directory\to\your\share
Windows should now ask you for your credentials and create a new network drive to your WebDav share.
Gallery
References
-
Full instructions on how to create a self-signed certificate in CentOS 6 can be found on server-world.info. ↩
-
Full instructions on configuring SSL for Apache in CentOS 6 can be found on server-world.info. ↩
