LiveZilla Live Chat

Neubreed blog

Home » Blog » Enabling and configuring SSL for apache 2.2 under windows WAMP server 2

Enabling and configuring SSL for apache 2.2 under windows WAMP server 2

Submitted by ryan on Sun, 20/07/2008 - 15:26

WAMP Server 2.0 comes with openssl so we need to create a self signing SSL certificate first before we touch WAMP

First you need a DOS box and to locate your openssl.exe. Mine is located here:

C:\\wamp\\bin\\apache\\apache2.2.6\\bin\\openssl.exe
 
Jump into that directory
 
cd c:\\wamp\\bin\\apache\\apache2.2.6\\bin

Generate a Private Key and CSR

First you need to generate an RSA Private Key and Certificate Signing Request (CSR)

openssl genrsa -des3 -out myserver.key 1024

This command will ask you to enter a pass phrase. Enter and confirm it

Next, we need to remove the pas phrase from the key to that the server does pause to request it.. which would be a bit annoying !

openssl rsa -in myserver.key -out myserver.pem

Now that we've created the private key, we need to generate the CSR like so:

openssl req -new -key myserver.key -out myserver.csr

If you get errors about a missing conf file you can add the following option:

-config c:\\wamp\\bin\\apache\\apache2.2.6\\conf\\openssl.cnf

Here's how the above process will look like

C:\\wamp\\bin\\apache\\apache2.2.6\\bin>openssl req -new -key myserver.key -out myserver.csr
Enter pass phrase for myserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:NSW
Locality Name (eg, city) []:Crows Nest
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Neubreed Design Pty Ltd
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:neubreed.localhost
Email Address []:
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

NOTE: make sure "Common Name (eg, YOUR name)" is your host name for the VirtualHost eg . mylocalhost

Generating a Self-Signed Certificate

To generate a temporary certificate which is good for 365 days, use the following command:

openssl x509 -req -days 365 -in myserver.csr -signkey myserver.key -out myserver.crt

Create an directory under: C:\\wamp\\bin\\apache\\apache2.2.6\\conf\\ssl and move the myserver.key and myserver.cert into it.

Configure Apache to use SSL

Edit the http.conf file via WAMPs menu or directly here: C:\\wamp\\bin\\apache\\apache2.2.6\\conf\\httpd.cnf

Locate the line 

Listen 80

And make it also listem on the standard ssl port 443

Listen 80
Listen 443

Now create a new virtual host like so (in addition to any normal port 80 entries):

This has a complete symfony setup up too FYI

<VirtualHost *:443>
  ServerName neubreed.localhost
  DocumentRoot "/home/neubreed/web"
  DirectoryIndex index.php
 
  Alias /sf c:\\wamp\\bin\\php\\php5.2.5/PEAR/data/symfony/web/sf
  <Directory "c:\\wamp\\bin\\php\\php5.2.5\\PEAR/data/symfony/web/sf">
    AllowOverride All
    Allow from All
  </Directory>
 
  <Directory "/home/neubreed/web">
    AllowOverride All
    Allow from All
  </Directory>
  # These are the actual SSL directives needed to get it all working!
  SSLEngine on
  SSLCertificateFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.crt
  SSLCertificateKeyFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.pem
</VirtualHost>

Finally click the WAMP Systray icon and navigate to the apache modules menu and make sure there's a tick next to ssl_module

This will enable the line below in httpd.conf

LoadModule ssl_module modules/mod_ssl.so

Apache will restart and you should be able to browse to https://yourlocalhost

Post replies if you get stuck!

Anonymous (not verified)

Posted Thu, 25/03/2010 - 04:11

Hello Ryan, Congratulations for your post !
It work's very well for me.

Thank you.

Ezequiel Moraes - Brazil (not verified)

Posted Thu, 25/03/2010 - 04:11

Hello Ryan, Congratulations for your post !
It work's very well for me.

Thank you.

Zulfadly (not verified)

Posted Sat, 01/05/2010 - 04:41

Where do you add the Virtual:443

Mike (not verified)

Posted Fri, 16/07/2010 - 01:21

Right below where you added Listen 443.

Thanks for this article, Ryan! Works great!

Anas Ali (not verified)

Posted Wed, 12/01/2011 - 07:49

plz.. tell me
hwo can i make a virtual host...
i cant understand..
guide me..
urgently thanks

Umer (not verified)

Posted Wed, 16/02/2011 - 21:26

Hi
It is not working...
certificate is generated. But i think these lines are getting problem:

ServerName neubreed.localhost
DocumentRoot "/home/neubreed/web"
DirectoryIndex index.php

Alias /sf c:\\wamp\\bin\\php\\php5.2.5/PEAR/data/symfony/web/sf

AllowOverride All
Allow from All

AllowOverride All
Allow from All

# These are the actual SSL directives needed to get it all working!
SSLEngine on
SSLCertificateFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.crt
SSLCertificateKeyFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.pem

please can u explain these
thank u.

Mukesh Ghatiya (not verified)

Posted Wed, 20/04/2011 - 02:25

Hi,

Thanks for the informative tutorial.

I can't find openssl.conf (or cnf) in my wamp installation. I tried reinstalling, but its not there. I couldn't locate the file on internet too. Any idea where to get it from?

Though I strongly feel that with so much to do for enabling ssl, I think it should be automated with some tool or probably made a part of wamp installation as an option. Do you know of any such tool or option?

Thanks,
Mukesh

Mukesh Ghatiya (not verified)

Posted Wed, 20/04/2011 - 03:30

I managed to locate openssl.conf by downloading something called wampssl from http://downloads.jlbn.net/WampSSL.html . I got the reference from http://www.wampserver.com/phorum/read.php?2,32986,printview,page=5

Maybe you can have a thing or two about this in your tutorial.

Also, after this my agony was not over. My Apache won't start with following error:
Init: SSLPassPhraseDialog builtin is not supported on Win32

I found solution for this on http://www.entrust.net/knowledge-base/technote.cfm?tn=6558

Even now my pains were not over. When I entered https://localhost in my browser it complained something like certificate is not correct or some such. But then it gave me an option to add an exception so I did. Not sure if that was right thing to do.

But now I am getting a "Forbidden" error. "You don't have permissions to access index.php on this server".

I am tired now. Please enlighten me if you know of any solution to this problem.

I hate these tech things. Nothing goes right in one shot.

Call now on 1300 858 495 or contact us online to discuss your needs.

Logo Design | Web Design Company | Web Designers Sydney | Web Development Sydney | Website Design | Drupal Development | Email Marketing Software | Magento Development