Enabling and configuring SSL for apache 2.2 under windows WAMP server 2
WAMP Server 2.0 comes with openssl so we need to create a self signing SSL certificate first before we touch WAMP
First you need a DOS box and to locate your openssl.exe. Mine is located here:
C:\wamp\bin\apache\apache2.2.6\bin\openssl.exe
Jump into that directory
cd c:\wamp\bin\apache\apache2.2.6\bin
openssl genrsa -des3 -out myserver.key 1024
This command will ask you to enter a pass phrase. Enter and confirm it
Next, we need to remove the pas phrase from the key to that the server does pause to request it.. which would be a bit annoying !
openssl rsa -in myserver.key -out myserver.pem
Now that we've created the private key, we need to generate the CSR like so:
openssl req -new -key myserver.key -out myserver.csr
If you get errors about a missing conf file you can add the following option:
-config c:\wamp\bin\apache\apache2.2.6\conf\openssl.cnf
Here's how the above process will look like
C:\wamp\bin\apache\apache2.2.6\bin>openssl req -new -key myserver.key -out myserver.csr
Enter pass phrase for myserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:NSW
Locality Name (eg, city) []:Crows Nest
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Neubreed Design Pty Ltd
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:neubreed.localhost
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
openssl x509 -req -days 365 -in myserver.csr -signkey myserver.key -out myserver.crt
Listen 80
And make it also listem on the standard ssl port 443
Listen 80
Listen 443
Now create a new virtual host like so (in addition to any normal port 80 entries):
This has a complete symfony setup up too FYI
<VirtualHost *:443>
ServerName neubreed.localhost
DocumentRoot "/home/neubreed/web"
DirectoryIndex index.php
Alias /sf c:\wamp\bin\php\php5.2.5/PEAR/data/symfony/web/sf
<Directory "c:\wamp\bin\php\php5.2.5\PEAR/data/symfony/web/sf">
AllowOverride All
Allow from All
</Directory>
<Directory "/home/neubreed/web">
AllowOverride All
Allow from All
</Directory>
# These are the actual SSL directives needed to get it all working!
SSLEngine on
SSLCertificateFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.crt
SSLCertificateKeyFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.pem
</VirtualHost>
LoadModule ssl_module modules/mod_ssl.so
Apache will restart and you should be able to browse to https://yourlocalhost
Post replies if you get stuck!
C:\wamp\bin\apache\apache2.2.6\bin\openssl.exe
Jump into that directory
cd c:\wamp\bin\apache\apache2.2.6\bin
Generate a Private Key and CSR
First you need to generate an RSA Private Key and Certificate Signing Request (CSR)openssl genrsa -des3 -out myserver.key 1024
openssl rsa -in myserver.key -out myserver.pem
openssl req -new -key myserver.key -out myserver.csr
-config c:\wamp\bin\apache\apache2.2.6\conf\openssl.cnf
C:\wamp\bin\apache\apache2.2.6\bin>openssl req -new -key myserver.key -out myserver.csr
Enter pass phrase for myserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:NSW
Locality Name (eg, city) []:Crows Nest
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Neubreed Design Pty Ltd
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:neubreed.localhost
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
NOTE: make sure "Common Name (eg, YOUR name)" is your host name for the VirtualHost eg . mylocalhost
Generating a Self-Signed Certificate
To generate a temporary certificate which is good for 365 days, use the following command:openssl x509 -req -days 365 -in myserver.csr -signkey myserver.key -out myserver.crt
Create an directory under: C:\wamp\bin\apache\apache2.2.6\conf\ssl and move the myserver.key and myserver.cert into it.
Configure Apache to use SSL
Edit the http.conf file via WAMPs menu or directly here: C:\wamp\bin\apache\apache2.2.6\conf\httpd.cnf Locate the lineListen 80
Listen 80
Listen 443
<VirtualHost *:443>
ServerName neubreed.localhost
DocumentRoot "/home/neubreed/web"
DirectoryIndex index.php
Alias /sf c:\wamp\bin\php\php5.2.5/PEAR/data/symfony/web/sf
<Directory "c:\wamp\bin\php\php5.2.5\PEAR/data/symfony/web/sf">
AllowOverride All
Allow from All
</Directory>
<Directory "/home/neubreed/web">
AllowOverride All
Allow from All
</Directory>
# These are the actual SSL directives needed to get it all working!
SSLEngine on
SSLCertificateFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.crt
SSLCertificateKeyFile C:/wamp/bin/apache/apache2.2.6/conf/ssl/myserver.pem
</VirtualHost>
Finally click the WAMP Systray icon and navigate to the apache modules menu and make sure there's a tick next to ssl_module
This will enable the line below in httpd.confLoadModule ssl_module modules/mod_ssl.so
