Neu blog
Enabling and configuring SSL for apache 2.2 under windows WAMP server 2
WAMP Server 2.0 comes with openssl so we need to create a self signing SSL certificate first before we touch WAMP
First you need a DOS box and to locate your openssl.exe. Mine is located here:
C:\\wamp\\bin\\apache\\apache2.2.6\\bin\\openssl.exe Jump into that directory cd c:\\wamp\\bin\\apache\\apache2.2.6\\bin
Generate a Private Key and CSR
First you need to generate an RSA Private Key and Certificate Signing Request (CSR)
openssl genrsa -des3 -out myserver.key 1024This command will ask you to enter a pass phrase. Enter and confirm it
Next, we need to remove the pas phrase from the key to that the server does pause to request it.. which would be a bit annoying !
openssl rsa -in myserver.key -out myserver.pem
Now that we've created the private key, we need to generate the CSR like so:
openssl req -new -key myserver.key -out myserver.csr
If you get errors about a missing conf file you can add the following option:
-config c:\\wamp\\bin\\apache\\apache2.2.6\\conf\\openssl.cnf
Here's how the above process will look like
C:\\wamp\\bin\\apache\\apache2.2.6\\bin>openssl req -new -key myserver.key -out myserver.csr Enter pass phrase for myserver.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]:NSW Locality Name (eg, city) []:Crows Nest Organization Name (eg, company) [Internet Widgits Pty Ltd]:Neubreed Design Pty Ltd Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:neubreed.localhost Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
NOTE: make sure "Common Name (eg, YOUR name)" is your host name for the VirtualHost eg . mylocalhost
Generating a Self-Signed Certificate
To generate a temporary certificate which is good for 365 days, use the following command:
openssl x509 -req -days 365 -in myserver.csr -signkey myserver.key -out myserver.crt
Create an directory under: C:\\wamp\\bin\\apache\\apache2.2.6\\conf\\ssl and move the myserver.key and myserver.cert into it.
Configure Apache to use SSL
Edit the http.conf file via WAMPs menu or directly here: C:\\wamp\\bin\\apache\\apache2.2.6\\conf\\httpd.cnf
Locate the line
Listen 80
And make it also listem on the standard ssl port 443
Listen 80 Listen 443
Now create a new virtual host like so (in addition to any normal port 80 entries):
This has a complete symfony setup up too FYI
<VirtualHost *:443>
ServerName neubreed.localhost
DocumentRoot "/home/neubreed/web"
DirectoryIndex index.php
Alias /sf c:\\wamp\\bin\\php\\php5.2.5/PEAR/data/symfony/web/sf
<Directory "c:\\wamp\\bin\\php\\php5.2.5\\PEAR/data/symfony/web/sf">
AllowOverride All
Allow from All
</Directory>
<Directory "/home/neubreed/web">
AllowOverride All
Allow from All
</Directory>
# These are the actual SSL directives needed to get it all working!
SSLEngine on
SSLCertificateFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.crt
SSLCertificateKeyFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.pem
</VirtualHost>Finally click the WAMP Systray icon and navigate to the apache modules menu and make sure there's a tick next to ssl_module
This will enable the line below in httpd.conf
LoadModule ssl_module modules/mod_ssl.so
Apache will restart and you should be able to browse to https://yourlocalhost
Post replies if you get stuck!
CONTACT US
- 1300 858 495
- +61 2 8011 8238
- Suite 202, 8 Clarke street Crows Nest, NSW 2065, Australia
- View Google map
Engaging websites and digital experiences that deliver ease of use with fresh, contemporary design.
Custom built PHP business applications including CMS, CRM, customer databases and third-party software integration.
Exposing business to a global audience through SEO, adwords, email marketing and banner advertising.
Anonymous (not verified)
Posted Thu, 25/03/2010 - 04:11Hello Ryan, Congratulations for your post !
It work's very well for me.
Thank you.
Ezequiel Moraes - Brazil (not verified)
Posted Thu, 25/03/2010 - 04:11Hello Ryan, Congratulations for your post !
It work's very well for me.
Thank you.
Zulfadly (not verified)
Posted Sat, 01/05/2010 - 04:41Where do you add the Virtual:443
Mike (not verified)
Posted Fri, 16/07/2010 - 01:21Right below where you added Listen 443.
Thanks for this article, Ryan! Works great!