JLBN – Setup HTTPS SSL on WAMP
Hypertext Transfer Protocol over Secure Socket Layer or HTTPS is a URI scheme used to indicate a secure HTTP connection. It is syntactically identical to the http:// scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer between the HTTP and TCP. This system was designed by Netscape Communications Corporation to provide authentication and encrypted communication and is widely used on the World Wide Web for security-sensitive communication such as payment transactions and corporate information systems.
In this tutor guide for WAMP, we will show you how to create a self-signed HTTPS SSL certificate; then, how to implement this self-signed certificate into WAMP; then, obtain a FREE Trusted HTTPS SSL Certificate to replace the self-signed one.
thank u ๐ ๐
When STEP9, i got an error that the openssl.cnf couldnot be found in “D:\test\openssl098kvc6” (i have Wamp installed in D:\wamp).
I created the directory and an empty openssl.cnf, seems to work but isn’t the way to do it i assume ๐
Have now tried on Win7 Ultimate(64 bit) with elavated privilideges but after including Openssl Apache 2.2.11 does not work.
Oh I am sorry I forgot to mention the most important thing that is I was trying this WAMPSSL installation on a Windows XP (SP 3) OS platform.
Could this be a cause in that case which WAMP version should I use along with which openssl ?
1. Reference my last comment, I tried the guide and everything went correctly. I use WAMPSSL as down loaded from your website.
2. However subsequently Apache would not start, my WAMP is using Apache 2.2.11.
3. The error shown in the logs file is appended below:-
” [Sat Jan 01 17:13:45 2011] [error] Init: SSLPassPhraseDialog builtin is not supported on Win32 (key file C:/wamp/bin/apache/Apache2.2.11/conf/ssl/BOSE.key) “.
4. May I request some help from your end.
With Warm Regards.
Its a great guide although I am yet to use it however the details and pain one’s taken shows.
With warm regards & best wishes.
Hi there,
First, thank you for the great guide.
Been struggling for weeks now to get SSL to work and then found your guide. I’ve followed all the steps, but the wamp services fails to load if I enable either of the following or both for that matter:
Include conf/ssl.conf
and if I enable this ->
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
Also what bothers me if right in the beginning when you install your wampssl files.
“Replace file openssl.conf in folder C:\wamp\bin\apache\Apache2.2.11\conf”
I didn’t have a openssl.conf file to overwrite, only a openssl.cnf file. Do I need to overwrite the .cnf file or leave it as is?
Thnx in advance
Hunted, sorry for typo and it should be openssl.cnf file. Having error when enable file means you have either blank space in front of that line or in the end of the line before that line; also there is no file ssl.conf in folder conf so you will definitely have error when enable this line
Similarly, check to make sure you don’t have error codes or blank spaces either in front or in the end of the line in file httpd-ssl.conf
In order for your articles or blog posts to be effective, you have to get that perfect equilibrium between quality and quantity.
I had a bad tuesday. And I believe that world is leaving to mistaken through people. But I scanned your webpage and at this moment I agree that in future we will have enjoyable days by helpful people as you.
itยดs very good tutorial. Thanks thanks thanks. work full.
I am also using 2.2.11.
I installed the Wampssl .
On openssl…. The system can not execute the specified program.
Win XP Home edition 2002 SP 1
Moh and Bob, when you guys have error โโopensslโ is not recognized as an internal or external commandโ, itโs most likely you guys using xp and need to add path environment to setup ssl; you can google for more detail, but here the basic steps
1. Log in as admin w/ full privilege
2. Go to Control Panel โ System โ Advanced โ Environment Variables
3. Add a new system variable, for example OPENSSL_CONF:
o Variable name: OPENSSL_CONF
o Variable value: C:\wamp\bin\apache\apache2.2.11\conf\openssl.cnf
4. Log out and log back in.
5. Run DOS prompt w/ command:
set | more
And make sure you see the following line among the environment variables:
OPENSSL_CONF=C:\wamp\bin\apache\apache2.2.11\conf\openssl.cnf
Many thanks for this lovely guideline. I followed the guideline with wamp 2.2.11. but in the step 44 i’ve got error ” could not execute menu item (internal error) “
Moh, did you setup WampSSL as we mentioned in the beginning of the guide?
Yes I did
This guide is well done on Apache2.2.8, I tried with Apache2.2.11 as well, it doesn’t work.
It’s so helpful anyway. Many thanks!
kaylapham, what error did you get? BTW, did you install WampSSL as instructed from beginning of the guide?
Excelente, muy buen aporte. Te felicito
When i type on this “openssl genrsa – aes256 – ut pass.key 2048”
its say after its have load:
“5256:error:28069065:lib:UI_set_result:result too small:.\crypto\ui\ui_lib.c:850:you must type in 4 to 511 characters”
what is wrong can u help me??=)
Serra, please, download and setup WampSSL before following this guide ๐
http://downloads.jlbn.net/
It works! Thank you very much.
(Everyone can download wampssl here: http://downloads.jlbn.net/WampSSL.html)
Error in step 3: “openssl genrsa -aes256 -out pass.key 2048”
—————————
openssl.exe – Ordinal Not Found
—————————
The ordinal 286 could not be located in the dynamic link library SSLEAY32.dll.
—————————
Please help
mana, did you download and use our wampssl?
Thank you! Your guide is very well done and saved my day!
I’ve followed the instructions however when I go to https://sitebuilder it asks to add an exception and I do, but then the page is blank.
on step 35 I put:
DocumentRoot “b:/sites/site_builder_pa/htdocs/”
ServerName sitebuilder:443
In my host file I put:
127.0.0.1 sitebuilder
If I just use http then it works fine.
Any thoughts?
Brian, not sure how you setup but your path b:/sites/site_builder_pa/htdocs/ is outside the main document root c:/wamp/www and it can’t be parsed
I used httpd-vhosts.conf
DocumentRoot “b:/sites/site_builder_pa/htdocs/”
Order Allow,Deny
Allow from all
ServerName sitebuilder
ErrorLog “logs/sitebuilder.localhost-error.log”
CustomLog “logs/sitebuilder.localhost-access.log” common
Will that cause problems? I have an entire site setup running perfectly, just can’t get ssl to work. MySQL and PHP are working.
Brian, it seems you missed some codes, so please use our tool here to convert your code then post again
http://blog.jlbn.net/?p=84
<VirtualHost *:80>
ServerAdmin tech@lavisual.com
DocumentRoot “b:/sites/site_builder_pa/htdocs/”
<Directory b:/sites/site_builder_pa/htdocs/>
Order Allow,Deny
Allow from all
</Directory>
ServerName sitebuilder
ErrorLog “logs/sitebuilder.localhost-error.log”
CustomLog “logs/sitebuilder.localhost-access.log” common
</VirtualHost>
I found out that my issue was that port 443 was already being used by Pando Media Booster. When I ended that program and restarted apache, SSL worked.
Sorry to confuse anyone and I hope that perhaps this may help someone else with trouble.
BTW I needed to uncomment LoadModule ssl_module modules/mod_ssl.so in my httpd.conf file which someone else mentioned in their comment. Without it uncommented apache wouldn’t start.
Brian, thanks for clarifying about port 443 and about enable module, instead manually uncomment that line in the file, you can enable it through WAMP tray icon as instructed in the guide ๐
Thanks, I do appreciate your help. I’ve just tried it, but it does the same thing. I do have the cert and the key, in the same folder, and have tried putting the path in the conf file with backslashes and forward slashes, but neither work.
The thing I don’t understand is it works perfectly with a self-signed cert.
The only real difference is there is also a CA-bundle certificate that is required, which I’ve put in the same folder and referenced it using SSLCACertificateFile, following the instructions from the signing authority.
Steve, we really love to help but it seems if you’re installing a certificate signed by a CA then you might have a bundle or chain file to install too but the problem is each CA does things differently and you should read the documentation on their web site for installing your certificate and any dependency files ๐