JLBN – Setup HTTPS SSL on WAMP
Hypertext Transfer Protocol over Secure Socket Layer or HTTPS is a URI scheme used to indicate a secure HTTP connection. It is syntactically identical to the http:// scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer between the HTTP and TCP. This system was designed by Netscape Communications Corporation to provide authentication and encrypted communication and is widely used on the World Wide Web for security-sensitive communication such as payment transactions and corporate information systems.
In this tutor guide for WAMP, we will show you how to create a self-signed HTTPS SSL certificate; then, how to implement this self-signed certificate into WAMP; then, obtain a FREE Trusted HTTPS SSL Certificate to replace the self-signed one.
iam using openssl dir on d:/wamp/ and i also try with d:/wamp/bin/apache/apache2.2.21/conf/ssl dir, iam using wamp 2.2.21 with apache 2.2.21
#
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn’t
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
#
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: “Listen [::]:443” and “Listen 0.0.0.0:443”
#
Listen 443
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin’ is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
#SSLSessionCache “dbm:d:/wamp/logs/ssl_scache”
SSLSessionCache “shmcb:D:/wamp/apache/Apache2.2.21/logs/ssl_scache(512000)”
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex default
##
## SSL Virtual Host Context
##
DocumentRoot “D:/wamp/www/ssl”
ServerName localhost:443
ServerAdmin myemail@example.com
ErrorLog “D:/wamp/logs/mysecuresite_error_log”
TransferLog “D:/wamp/logs/mysecuresite_access_log”
SSLCertificateFile “D:/wamp/openssl/certs/webserver.cert”
SSLCertificateKeyFile “D:/wamp/openssl/certs/webserver.key”
SSLCARevocationPath “D:/wamp/openssl/crl”
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
BrowserMatch “.*MSIE.*” \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog “D:/wamp/logs/ssl_request_log” \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”
this is my httpd_ssl.conf
I have installed wamp on d: partition and not c: partition i try all posible to make work this, but my wamp icon dont put green never, i changed the openssl.cnf dir, and alll…. i dont what this dont work… 🙁
Sorry, I meant openssl.cnf* and NOT openssl.cfg.
Also, installing WampSSL on Wamp installation with Apache 2.2.21 requires you to change openssl.conf into openssl.cfg before copying files.
Afterwards, you will need to edit openssl.cfg so that the line with:
dir = ….
reads as follows:
dir = “C:\wamp\bin\apache\Apache2.2.21\conf\ssl” # Where everything is kept
Make sure during all steps that Apache/apache2.2.11 is actually apache/Apache2.2.21 if you are using WAMP with Apache 2.2.21
Hope this helps someone!
Jeffreylee Snow,
Thank you so much for that! I’ve been working on this setup for two days. My WAMP would only start the MySQL Service and I wasn’t getting any errors for Apache2.2.21. I implemented your suggestion and Apache2.2.21 finally started.
Mistake perhaps:
Step 30
Then find: (ssl30.jpg)
SSLCertificateKeyFile “C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.key”
Should read:
Step 30
Then find: (ssl30.jpg)
SSLCertificateKeyFile “C:/Program Files/Apache Software Foundation/Apache2.2.8/ssl/conf/server.key”
Everything works fine except that the https works only on localhost and not the domain name I give (www.example.com). Please help!! How to configure Apache/SSL to work with my domain name?
Worked flawlessly with Wamp2.1 and Apache 2.2.17. I had to change the version number and path for all the apache path instructions but that was it. Thank you!
I’m quite pleased with the infrmatoion in this one. TY!
I am using Wamp 2.1 and Apache 2.2.17. I get as fas as Step 3 and then get the following response
The ordinal 942 could not be located in the dynamic link library libeay32.dll
Bill Steele, in step 2, you have to navigate to proper Apache folder, so instead
cd\wamp\bin\apache\apache2.2.8\bin
You might want to use
cd\wamp\bin\apache\apache2.2.17\bin
Note: the Apache version
u got that message when u lunch genrsa command right?
Just download http://www.openssl.org/source/openssl-0.9.8h.tar.gz install it and open
“C:\Program Files\OpenSSL\out32\openssl.exe”
thx
I let off the www on my website link. Which leads me to another question. For some reason must include the full http://www.warpdns.net:990 to bring up the website. How would I go about changing this so all that would be required to be entered would be http://www.warpdns.net:990 or http://www.warpdns.net
Thanks For your assistance
William, HTTPS and/or SSL use default port 443 as we’ve already indicated right from the beginning as well as through out the guide and if you follow this guide to set it up properly, you should have just your domain on https instead have to attach port to your domain 😉
I have a problem. I have installed SSL as per your guide and the SSL works fine. However, my website will no longer operate correctly when I have SSL running. I just get a blank screen. I would like to set SSL running on a different port. For example, I have my website running on port 990 and would like to run the ssl on port 8080. How would I go about doing that?
can you help me because i can’t make that in work
if you like post me your configuration :
– os
– wamp version
– apache version
– php version
thx for reply
maher, we’re using the latest Wamp version; our main server is running Windows Server 2008 and our other desktops/laptops mostly have Windows 7 and we don’t have any issue at all to setup SSL 😉
Hi,
can u help me how to instrall wamp server 2.0 to windows server 2008
Hi wasthu,
Did you try our guides? If still stuck, post the error you’re encountered and we try our best to help you out 😉
hi
mod_ssl.so cannot load
line wamp server work green icon
#LoadModule ssl_module modules/mod_ssl.so
line wamp server not work yellow icon
LoadModule ssl_module modules/mod_ssl.so
Good function using the weblog, It is outstnding.
Thank you for displaying such a good tutorial. I have a simple question, what changes would I have to make to create seperate ssl certificates for projects not online inside a wamp 64 bit installation?
Why? I want to develop several different domains for magento and wordpress etc and am now stuck at the point of adding ssl certificates for them. I have modified the hosts domains 127.0.0.1 http://www.magemtonp.com and have changed the htppd-conf file to includeInclude “c:/wamp/alias/*”
NameVirtualHost 127.0.0.1
ServerName localhost
DocumentRoot “C:/wamp/www”
ServerName http://www.magentonp.com
DocumentRoot “C:/wamp/www/magentonp”
Order Allow,Deny
Allow from all
I followed your instructions and made It works page, I just would like some help bringing it all together at the next level. Thanks Again.
Hi, I think your site might be having browser compatibility issues. When I look at your blog in Internet Explorer, it looks fine but when opening in Opera, it just doesn\\\\\\\’t look right. I thought you would like to know.
Hi Everyone,
I try to install SSL for my website, I did all the reqs. but I got this error. Would you please help me what I am doing it wrong? Thank you
HERE is THE ERROR :
error on line -1 of c:\wamp\bin\apache\apache2.2.17\conf\openssl.conf 2392:error:02001002:system library:fopen:No such file or directory:.\crypto\bcc_file.c:126:c:\wamp\bin\apache\apache2.2.17\conf\openssl.conf 2392:error:2006D080:BIO routines:BIO_new_file:no such file:.\crypto\bio\bss_file.c129:
2392:error:0E078072:configuration file routines:DEF_LOAD:no such file:.\crypto\conf\conf_def.c:197:
then drops back to :
C:\wamp\bin\apache\apache2.2.17\bin>
This website online is mostly a walk-via for all of the data you needed about this and didn’t know who to ask. Glimpse here, and also you’ll definitely uncover it.
Hi, how are you?
I have to thank you, because this is the only website, where I’ve found this kind of information and very easy to understand. But I have a problem, in Step 46 (approximately) when I’m going to tick the ssl_module of Apache, I can’t start Wamp.
I’m working with Windows XP Professional SP3 and Wamp Server 2.1. I think that the problem is due to the version of Wamp. It will be possible that you can send me or to public the way to setup https with WampServer 2.1?
I am going to be eternally grateful, if you can help me.
Thank you very much.
Cordially,
Paola
P.D.: Please excuse my english, due to I’m not English-speaker.
Please, check these comments which have solutions for comment errors people would run into when following this guide
http://blog.jlbn.net/?p=46&cpage=7#comment-4470
http://blog.jlbn.net/?p=46&cpage=7#comment-4612
http://blog.jlbn.net/?p=46&cpage=6#comment-4211
Its like you read my mind! You seem to know a lot about this, like you wrote the book in it or something. I think that you could do with a few pics to drive the message home a bit, but other than that, this is fantastic blog. A fantastic read. I will certainly be back.