JLBN – Setup HTTPS SSL on WAMP
Hypertext Transfer Protocol over Secure Socket Layer or HTTPS is a URI scheme used to indicate a secure HTTP connection. It is syntactically identical to the http:// scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer between the HTTP and TCP. This system was designed by Netscape Communications Corporation to provide authentication and encrypted communication and is widely used on the World Wide Web for security-sensitive communication such as payment transactions and corporate information systems.
In this tutor guide for WAMP, we will show you how to create a self-signed HTTPS SSL certificate; then, how to implement this self-signed certificate into WAMP; then, obtain a FREE Trusted HTTPS SSL Certificate to replace the self-signed one.
Thanks for the useful guide, I was able to get Apache + SSL to work in windows thanks yo this.
Hi, thanks guys for this awesome guide,
I still have a problem, with 2.oi + OpenSSL patch from JLBN, Apache doesn’t start
I’ve tried anything said here, pre-created log file, I also run httpd.exe -t, says Syntax OK etc
Any ideas why when I uncomment httpd-ssl.conf, Apache doesn’t want to start ? 🙂
Slaughter, did you check older comments that post solution for similar issue?
Every one can help with ” 404 page Not Found ” error? Thanks very much in advance.
I followed the instruction, everything going well till the last step. After I add exception in Firefox, I got a 404 Page not found error.
All WAMP services are running normally.
SSL_access log:
192.168.1.100 – – [14/Nov/2009:23:17:07 -0800] “GET /ssl/index.html HTTP/1.1” 404 212
benbay, when FF already detected it, your SSL already work, so you should check your path since it should be https://localhost/index.html instead /ssl/index.html
Thank you so much!
One of the most comprehensive, detailed, exact and powerful tutorials I have used so far.
Keep doing it!
Legend status!
Could not find anything on the internet to address SSL problems with WAMP. Your WAMPSSL fix and step by step guide were right on the mark!
Please disregard my question. I figured it out! I had to start the whole issuance process over again in order to get the end result. A usable 2048 bit CSR and a functioning apache!
I am runing wamp on windows server 2003. I followed your tutorial and successfully produced a CSR for my purchased certificate. However, Apache stopped responding due to windows incompatibilty with the key encription. The error was:
Error: Init: SSLPassPhraseDialog builtin is not supported on Win32
I followed a direction from verisign to reissue a new key without the encryption (see tutorial at:
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=S:SO5779)
However, Apache still does not start and the ssl_error.log states:
[Mon Sep 07 10:52:40 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Sep 07 10:52:40 2009] [error] Unable to configure RSA server private key
[Mon Sep 07 10:52:40 2009] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Can you help me with this?
Here is what I had:
Directory “C:\wamp\www\ssl”>
Once I fixed:
Everything worked fine.
Had the same problem everyone else was having of not being able to start server at Step 43. Check your code closely in the httpd-ssl.conf file. I was missing a < in front of my Directory tag. Once I inserted the <, the server started.
Thank you. Made a small donation.
Pingback: OpenSSL Error - x10Hosting Forums
Nevermind, I have fixed the issue. For anyone else that receives some problems, heres what I did:
1) During the httpd-ssl.conf part of the guide on this site, it uses “C:/some/directory/tree/structure”
Now, it may look fine but the internet uses the forward slash. Local machines uses the backslash \
So I just replaced all the forward slashes with backslashes.
2) I noticed that my sslcache line didn’t have any “quotes” around it. Fixed that.
3) To be on the safe side, I went through the entire file and changed the tree structure to be exact, case for case. changed “C:\wamp\Apache\apache2.2.11\” to “C:\wamp\apache\Apache2.2.11\”
4) Pre-created the log files
One or all of those things fixed my problems and my server is now running http and https.
Those that are wondering as well, the way its setup it allows both http and https to run and is only changed to secured when called (ex: http://www.example.com wont run ssl unless script forced or changed to https://www.example.com)
Thanks, Tal for corrections since this guide is here for a while and it seems later Apache versions require double quote on paths, but we’re not sure why you have to use backslashes instead forward slashes
Oh, also. I have a question. On step 35 and 36 ( http://guides.jlbn.net/setssl/setssl13.html ) it has the 2 virtual hosts.
Which do I need to copy to only enable when port 443 is requested?
I need to allow it on my root (www.domain.com) and not a sub-folder but I dont want the entire site encrypted.
Tal, can you check to make sure you follow the suggestions from comments 58 and 60?
On step 35 is original content and should change as in step 36.
When you enable SSL in 1 folder, any sub-folders under that folder will have same effects, so you should not put any sub-folder in that SSL folder, but instead setup SSL in 1 folder (ie. www/ssl folder) based on this guide and setup main site in another folder (ie. www/main folder) based on our Setup Virtual Hosts guide then either use .htaccess file to redirect from http to https or you can implement a script in php pages to redirect, for example, you want your login.php page will go through SSL, then you can put a similar php script in this login.php file
function redirectToHTTPS()
{
if($_SERVER['HTTPS']!="on")
{
$redirect= "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
header("Location:$redirect");
}
}
Mod_ssl.so is in there.
However, no need to worry about my problem anymore (or atleast not the old one.)
I was attempting to test the certificate process on my local machine before implementing it on my webserver but I’ve had to speed up and skip it.
I have a thawte .key and .crt file, put everything in place and such and it mostly works. At step 41 ( http://guides.jlbn.net/setssl/setssl15.html ) when I uncomment the httpd-ssl.conf and try to restart apache, it freezes and comes up with “internal service error” or something along those lines and I cannot enable “mod_ssl”
Once I comment httpd-ssl.conf back, it works (but without ssl of course)
I’ll be messing around with the file myself to see if theres any errors… If you know how to fix this one, I’d love ya 😛
Many thanks to provide such very good guide.
I was using WAMPserver5 1.7.3 and trying to make it HTTPS. your guide is very helpful, though 3 lines in a page is a bit annoying 😐
But My apache is not restarted when I tried to set ssl module on (like many others). Finally I have solved the issue.
WAMPserver does not contain the mod_ssl.so file in the modules directory. Then I installed Apache_with_ssl from http://www.apache.org/dist/httpd/binaries/win32/apache_2.2.11-win32-x86-openssl-0.9.8i.msi after disabling the wamp. I then copied mod_ssl.so to the apache module directory of wamp and then restarted it. VOILA it works 🙂
@ hashraf
before we had each guide in 1 page or 2, but kept getting mails w/ questions why having this error or that problem…, then we found out most people tend to go through the guide as fast as possible and often missed a step or 2, and that’s why we put only some steps in 1 page and we don’t receive those mails no more 😉 anyway, we just check and mod_ssl.so is there in module dir
@ Tal
as hashraf mentioned, check to make sure you have mod_ssl.so in module dir
Redownloaded and tried, still didn’t work 😐
Added the path in Environment Variables and still coming up with nothing.
Any other ideas?
Tal, I’ve just redownload to check and there are 5 files in the archive, so make sure you copy file openssl.conf in the proper location
BN,
I have been having the same troubles (using apache 2.2.11) and such. I have downloaded ‘wampssl’ from your downloads page and replaced the 3 files.
After running the command, I get an error saying “The system cannot execute the specified program.”
However, in the readme it says replace the openssl.conf in \conf\ yet there is no openssl.conf in the WampSSL download. Only 2 .dll files and an openssl.exe
I replaced my originals with the 3 files and thats what I get.
Tal, it seems you’re running XP, in which you only see SpeedDial shortcut instead file openssl.conf, so you should add the path environment as posted in comment 44, then try again 😉
Hi,
I want to have ssl support for my application. I have installed WAMP2 on my m/c. To provide ssl support, I followed the steps. But at step
When I run the command
openssl rsa -in pass.key -out customname.key
I got the following error
WARNING: can’t open config file: d:/test/openssl098kvc6/openssl.cnf
Enter pass phrase for pass.key:
unable to load Private Key
3504:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.\
crypto\evp\evp_enc.c:330:
3504:error:0906A065:PEM routines:PEM_do_header:bad decrypt:.\crypto\pem\pem_lib.
c:428:
Please help me out to solve this errpr . I dont know why I am getting this error.
Please help.
Thanks
Kanchan, did you download SSL from our Download page and try again w/ it?
Hi,
Very nice article and detailed step by step instructions.I want top congratulate you for taking this tough step to spread the awareness regarding SSL setup .
after finishing the steps when we try to restart the WAMP server it refuses to start there is a small hack.
Open the httpd.conf file in any text editor of your choice find the below line
LoadModule ssl_module modules/mod_ssl.so
remove the “#” from the begining and save
Try restarting the WAMP again.
Voila Now it works !!!!