[SOLVED] How to set up HTTPS with OpenSSL in WAMP Server

I am using WAMP Server 2.2 (32 bits), which contains:

Apache 2.2.17
Php 5.3.8
  Mysql 5.5.16
PhpMyadmin 3.4.5
SQLBuddy 1.3.3
XDebug 2.1.2
webGrind 1.0
XDC 1.5

But after googling in some places, here and there..

I’ve just realized that I need this Apache 2.2.11 (include OpenSSL),

to continue working using OpenSSL.

Okay, let’s do the next steps. ;)

1. Create SSL Certificate and Key

a. Ekstrak OpenSSL to your directory, and copy this file:

  • openssl.cnf to .\Apache2.2.11\conf\
  • from folder bin, copy all files to .\Apache2.2.11\bin\

// Replace the old files! :D

b. Open DOS command window by typing `CMD` in your search menu.

c. Type this cd C:\wamp\bin\apache\apache2.2.11\bin

d. Create a server private key with 1024 bits encryption by entering this command: openssl genrsa -des3 -out server.key 1024

// It’ll ask you a pass phrase (password), just enter any password you like .

e. Remove the pass phrase from the RSA private key (while keeping a backup copy of the original file). Enter this:

copy server.key server.key.org

openssl rsa -in server.key.org -out server.key

// It’ll ask you the pass phrase, just type it.

f. Create a self-signed Certificate (X509 structure) with the RSA key you just created. Enter this: openssl req -new -x509 -nodes -sha1 -days 365 -key server.key -out server.crt -config C:\wamp\bin\apache\apache2.2.11\conf\openssl.cnf

2. Copy the server.key and server.crt files

a. In the Apache2.2.11\conf\, create two folders named as ssl.key and ssl.crt

b. Copy the server.key file to ssl.key folder and server.crt file to ssl.crt folder

3. Edit the httpd.conf file, php.ini, and httpd_ssl.conf

a. Open httpd.conf file

b. Remove the comment ‘#’ at the line which says: LoadModule ssl_module modules/mod_ssl.so

c. Remove the comment ‘#’ at the line which says: Include conf/extra/httpd-ssl.conf

d. Open this file-> C:\wamp\bin\php\php5.3.8\php.ini

e. Remove the comment ‘;’ at the line which says: extension=php_openssl.dll

f. Open this file -> C:\wamp\bin\apache\Apache2.2.11\conf\extra\httpd_ssl.conf

g. Find the line which says: <VirtualHost _default_:443>.

h. Right after it, change the line which says:

  • Change the line “DocumentRoot …” to DocumentRoot “C:/wamp/www/”
  • Change the line “ServerName…” to ServerName localhost:443
  • Change the line “ErrorLog….” to Errorlog “C:/wamp/bin/apache/Apache2.2.11/logs/sslerror.log”
  • Change the line “TransferLog ….” to TransferLog “C:/wamp/bin/apache/Apache2.2.11/logs/sslaccess.log”
  • Change the line “SSLCertificateFile ….” to SSLCertificateFile “C:/wamp/bin/apache/Apache2.2.11/conf/ssl.crt/server.crt”
  • Change the line “SSLCertificateKeyFile ….” to SSLCertificateKeyFile “C:/wamp/bin/apache/Apache2.2.11/conf/ssl.key/server.key”
  • Change the line which says <Directory “C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin”> or something like that (sorry I’m forget what its default dir :p) to <Directory “C:/wamp/www/”>
  • Add the following lines inside those <Directory … >…</Directory> tags:
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
  • Change the line “CustomLog…” to CustomLog “C:/wamp/bin/apache/Apache2.2.11/logs/ssl_request.log”

4. Make sure it works!

a. In the previous DOS Command windows, enter httpd -t . If it displays Sysntax is OK, then go to next step. If not, then correct the wrong syntax and redo step 3.

b. Restart the Apache server. If restart is successful, then open the browser and enter https://localhost/

How it goes? Works, eh? Congratz! :D

Aaand lastly, to redirect non-https entered link to https, do this.

1. Open file .\Apache2.2.11\conf\httpd.conf

2. Add this after the last line

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

3. Try this: http://localhost

Screenshot

References:

1. http://www.wampserver.com/phorum/read.php?2,32986,page=1

2. http://www.sslshopper.com/apache-redirect-http-to-https.html

About these ads

42 thoughts on “[SOLVED] How to set up HTTPS with OpenSSL in WAMP Server

  1. In step 3 part c:
    I got an issue, that by doing this step my wamp server is not working any more.Please help me to solve this issue.

    Thanks in advance.
    Regards:

  2. Good tuto !
    But two remarks :
    1.f : You wrote “Create a self-signed Certificate … -config C:\wamp\bin\apache\apache2.2.8\ …”. You should write “Create a self-signed Certificate … -config C:\wamp\bin\apache\apache2.2.11\ …”
    3.c : You wrote “Remove the comment ‘#’ at the line which says: Include conf/extra/httpd_ssl.conf”. You should write “Remove the comment ‘#’ at the line which says: Include conf/extra/httpd-ssl.conf”

  3. Hi
    Thanks for this. At step 4 a) I get this error:

    D:\wamp\bin\apache\Apache2.2.17\bin>httpd -t
    httpd: Syntax error on line 119 of D:/wamp/bin/apache/Apache2.2.17/conf/httpd.conf: Cannot load D:/wamp/bin/apache/Apache2.2.17/modules/mod_ssl.so into server:
    %1 is not a valid Win32 application.

    What can I do ;(

  4. OOO…man it works .. Thank u
    CustomLog “C:/wamp/bin/apache/Apache2.2.17/logs/ssl_request.log” “%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

    and delete ” ” mark while coping from site and type it again ..

  5. Hello, nice tutorial.
    Does this work for the apache 22 also?
    I tried it and change everything that is 11 to 22 and dont work …Maybe I do something wrong or I need to check again the syntax.
    Thank you for your time!

  6. Only the redirection is not working…I dont know why…but when I copy and paste this code and do restart….not even the local page dont work!

  7. That redirect part from http to https doesn’t work (wamp tray icon remains orange after restart, doesn’t turn green). Also localhost/phpmyadmin doesn’t work anymore after making those changes to set up https. ( The requested URL /phpmyadmin/ was not found on this server. )

    Any help?

    • Have you already done all those steps above? Those based on my dir. If you set up w/ difference dir, then change ‘em to yours.

  8. Pingback: OpenSSL in WAMP

  9. everything worked perfectly, juts the last piece of command, when i restart all services, the icon stays orange.

    I did everything before it and i checked and everything works perfectly if i don’t use the last piece of code. So i can use the website through http, and https, but i just want it to be https.

    i’m copying the code after Include “C:/wamp/alias/*”, is this right? or where do i have to place that piece of code?

  10. Great tutorial for SSL. Everything is working fine. But at last i am getting message “SERVER CONNECTED” while trying to access website with HTTPS. but working fine for HTTP. can you suggest me plz.

  11. getting this with 2.4.4. everything else seemed to go smooth.
    httpd.exe: Syntax error on line 162 of C:/…/httpd.conf: Cannot load modules/mod_ssl.so into server: The specified module could not be found.

  12. I followed all the steps but the wamp tray icon stays orange and when i do the httpd -t test it says: DocumentRoot must be a directory

    • okay i found out what the problem was… i was copy/pasting the lines from this page and there was a different format to the ” symbols in the paths (when pasted in notepad)… so i had to type the ” manually. now it works!

  13. Hi.. your tutorial is very usefull.. But still i am getting “Unable to connect to the server” for https:\\localhost\
    When i entered (4.a)” httpd -t” on command prompt, i do get result as “Syntax is OK” then why me server is not getting connected.

  14. I have the same problem, my console say that everything is ok, and firewall is off.
    But my error log say: AH00016 Configuration Failed.

    Where? :(

    And thanks!!

    • Make sure you have the same ‘name’ in /etc/hostname as well as in the “ServerName” option in /etc/httpd/conf/httpd.conf. If you use “localhost”, use the same in the other one.

  15. Great tutorial, i almost finish this but i have a problem. After i complete all the steps, now when i access https://localhost, the https is cut and it says : The site’s security certificate is not trusted!
    If i press : Proceed anyway, this works but https icon is still red and cut. What can i do ?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s