How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

How to install localhost https url on WAMP server 800x300 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

Throughout my web development career, I have worked on different projects some are big, some are small. Sometimes I have to work on web servers (production servers) that come with SSL enabled to use the HTTPS protocols and whereas my local development machines use HTTP, and this makes my development system different from the production one. But as a developer, I am sure that every developer always likes to have an exact environment like the production system. By default, we can’t use HTTPS for our WAMP connections. So here is the step-by-step tutorial on how I installed a self-signed SSL certificate on my local WAMP server to use HTTPS communication.

Step 1: Download and Install WAMP(Windows machine)

Download & install WAMP (Assuming that WAMP is installed, in my case, it’s on G:/ drive, I did it because I prefer to separate my projects from other files )

Step 2: Download OpenSSL

Download OpenSSL – Shining Light Productions choose the appropriate version according to your Operating system. I used Win64 OpenSSL v1.1.0i Light. While installing I have selected the default (C:\OpenSSL-Win64) installation folder.

Step 3: Create SSL Private Key and Certificate

Now we will generate a private key which is 2048bits encryption. “private.key” will be our key file. So to do that we need open the command-prompt and “Run as Administrator”. Go to the installed OpenSSL bin folder.

C:\OpenSSL-Win64\bin>

Once we are in the “bin” directory (Where the OpenSSL installed) type the following command to generate the private key. You will prompt to enter a pass-phrase (password) and also ask to verify the phrase, just enter any password(e.g. “localhost”) you like.
3.1. Generate the private key

openssl genrsa -aes256 -out private.key 2048

Now we will remove the passphrase (WAMP doesn’t support pass-phrase for key) from the RSA private key. We will also take a backup copy of the original file. It’ll ask you the pass-phrase(use the password entered on step 3.1).

3.2. Private key backup

copy private.key private.key.backup

3.3. Removing the passphrase (use the password entered on step 3.1)

openssl rsa -in private.key.backup -out private.key

Now we will generate a self-signed certificate, which will be used to certify the connection for encrypted traffic. “certificate.crt” will be our certificate. This is a single line command.

3.4. Creating the certificate

openssl req -new -x509 -sha1 -key private.key -out certificate.crt -days 36500 -config C:\OpenSSL-Win64\bin\openssl.cfg

You’ll be asked a few questions. Just make sure you enter your domain name (eg xxx.localhost.com), for Common Name (e.g. YOUR name). Once we are done, 2 files will be generated(private.key and certificate.crt) in “C:\OpenSSL-Win64\bin

Step 4: Copy the Created SSL Key and Certificate file

Now, create a folder “key“at: “G:\wamp\bin\apache\apache2.4.23\conf\key” and copy “private.key” and “certificate.crt” to “key” folder.

In case you are having any other version than apache2.4.23 then change it.

Step 5: Open httpd.conf, php.ini & uncomment

Open “httpd.conf” in a text editor, located at “G:\wamp\bin\apache\apache2.4.23\conf\httpd.conf“. uncomment these lines by removing at# the beginning of the line, then save the file.

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Open “php.ini” in a text editor located at “G:\wamp\bin\php\php7.0.10\php.ini“. Check if this is uncommented.

extension=php_openssl.dll

Step 6: Open httpd-ssl.conf and make the final changes

Open “G:\wamp\bin\apache\apache2.4.23\conf\extra\httpd-ssl.conf“, Find “<VirtualHost _default_:443>” and below that line find and update below configuration according to your setup. Pay attention to the path, I ve created a folder “ssl” inside “G:/wamp/bin/apache/apache2.4.23/logs”

  1. Change “SessionCache….” → SSLSessionCache “shmcb:G:/wamp/bin/apache/apache2.4.23/logs/ssl/ssl_scache(512000)”
  2. Change “DocumentRoot …” → DocumentRoot “G:/wamp/www
  3. Change “ServerName…” → ServerName “localhost:443
  4. Change “ErrorLog….” → Errorlog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/error.log
  5. Change “TransferLog ….” → TransferLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/access.log
  6. Change “SSLCertificateFile ….” → SSLCertificateFile “G:/wamp/bin/apache/apache2.4.23/conf/key/certificate.crt
  7. Change “SSLCertificateKeyFile ….” → SSLCertificateKeyFile “G:/wamp/bin/apache/apache2.4.23/conf/key/private.key
  8. On the same file replace ‘<Directory “c:/Apache24/cgi-bin”>‘ with ‘<Directory “G:/wamp/www”>’
  9. On the same file Change “CustomLog….” → CustomLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/ssl_request.log

Step 7: Copy PHP DDL files to windows

Copy ssleay32.dll & libeay32.dll from “G:\wamp\bin\php\php7.0.10” folder to “C:\windows\system32“.

Now restart all the services in WAMP server and try to load https://localhost/

You’ll get a security warning which is because we are using the self-signed certificate.You need to add it to an exception to access the page.

Step 8: Test to make sure it works!

Now go back to command prompt window, from the G:\wamp\bin\apache\apache2.4.23\bin  type the following and check if you are getting Syntax is OK

httpd –t

 

About This Author

My name is Parameshwar Roy (P. Roy), and I am a web developer. This is my personal blog to record my own thoughts. Though I am not a natural writer, I love to share my experiences. Hope my experiences will be useful to you...read more about me

63 Comments

You can post comments in this post.


  • Great article, very much appreciated. Just curious, when I test the actual localhost, should I still get the messages in the browser that the site is not secure or add an exception for the site? I believe this may be the default settings in the browsers that I am using; firefox, edge, and chrome.

    James 1 year ago Reply


  • C:\wamp64\bin\apache\apache2.4.23\bin>httpd -t
    httpd: Syntax error on line 184 of C:/wamp64/bin/apache/apache2.4.23/conf/httpd.
    conf: Cannot load modules/mod_ssl.so into server: O sistema operacional n\xe3o p
    ode executar %1.

    i have this problem
    Regards

    luis cachinho 1 year ago Reply


    • same problem to me.

      selno 10 months ago Reply


      • Parameshwar Roy Proy 150x150 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

        Try it now

        P. Roy 10 months ago Reply


        • Not working same error
          .\httpd.exe -t

          httpd.exe: Syntax error on line 174 of C:/wamp/bin/apache/apache2.4.17/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: The operating system cannot run %1.

          Chris 9 months ago Reply


          • same problem

            adil 3 months ago


  • Hi, thank you, it works great! You have one small mistake: “serer.key” -> “server.key” 🙂

    Vaclav Cernik 1 year ago Reply


  • Great tutorial – worked perfectly. Saved me a lot of time. Big and many thanks!

    Small remark:
    In Step 2 it turns out that Google’s OpenSSL is too old for my WAMP with Apache 2.4.23.
    However, using Shining Light Productions’ build Win64 OpenSSL v1.0.2L worked just fine.
    (I did not use the latest Win64 OpenSSL v1.1.0f Light because Stack Overflow article cannot-load-modules-mod-ssl-so-into-server advised against it.)

    Thank you again,
    Bogdan

    Bogdan 1 year ago Reply


  • Awesome man, thank you so much. Works great on Windows 10. Only thing I needed to change in each snippet of code was my directory, which is “C:” and change “wamp” to “wamp64” since I was using that version.

    For anyone else coming here, everything went as smooth as butter, except for one tiny thing. When I was going through http.conf and making the changes Proy suggested, when I did a search for the line, “LoadModule socache_shmcb_module modules/mod_socache_shmcb.so”, the text editor said it couldn’t find it. It’s definitely in there, so don’t let that distract you.

    Daniel Zuzevich 1 year ago Reply


  • this work for me thanx buddy…….

    chamara 1 year ago Reply


  • Hi, there’s no openssl.cnf file when I downloaded OpenSSL. And also it is an exe file, not zip file.
    And I think because of that I got error “Can’t open config file: /usr/local/ssl/openssl.cnf”

    Dandy 1 year ago Reply


    • Hello, install openSSL.exe and OpenSSL-Win64\bin , copy openssl.cfg and rename to openssl.cnf.

      Asish 1 year ago Reply


  • in step 8
    i had this error :
    httpd: Syntax error on line 184 of D:/wamp64/bin/apache/apache2.4.23/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: Le syst\xe8me d\x92exploitation ne peut pas ex\xe9cuter %1.

    ouldfella 1 year ago Reply


  • Hi, could you please tell me one thing, if i configured like your way.
    then all my projects will run on ssl way like that i done my project without ssl:
    http://localhost/abc
    http://localhost/def

    Then those will run with https://localhost/abc, https://localhost/def etc like that?

    kh ashique 1 year ago Reply


    • Parameshwar Roy Proy 150x150 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

      I’ve made some changes. Try it now.

      P. Roy 10 months ago Reply


  • Hello,
    everything is working perfect on localhost. Initially in faced issue while accessing it on another ip.I configured vhosts.conf as below to make it work.

    # Virtual Hosts
    #

    ServerName localhost
    DocumentRoot c:/wamp64/www

    Options +Indexes +FollowSymLinks +MultiViews
    AllowOverride All
    Require all granted

    I can access http://myip on local LAN, but when i access https://myip , i’m getting following error:
    “Forbidden
    You don’t have permission to access / on this server.
    Apache/2.4.27 (Win64) OpenSSL/1.1.0f PHP/5.6.31 Server at 10.179.204.29 Port 443 ”

    Thanks in advance!
    Asish

    Asish 1 year ago Reply


    • Fixed: edit httpd-ssl.conf as below @ line number 256.

      SSLOptions +StdEnvVars

      #Options FollowSymLinks
      Options +Indexes +Includes +FollowSymLinks +MultiViews
      AllowOverride All
      Require all granted

      Asish 1 year ago Reply


      • thank you thank you thank you!!! I had the same problem, and your solution worked! thanks for sharing

        astrid 7 months ago Reply


    • E….:\w…\b….\apache\apache2.4.18\bin>httpd -t
      Syntax OK
      but still when i sart all service
      http:localhost….. that means https: not enable please i need your support

      temam 2 months ago Reply


  • Super, Super, Super… Really helpful my dear friend

    Anand Raju 1 year ago Reply


  • The procedure is great, but something went wrong on windows 10. Plus I had to use 1.0.2 SSL as another user did. When I try to restart my services the apache service will not start. There are not any errors logged either. I think it might have something to do with the port conflict.

    Tom Lee 12 months ago Reply


  • Hi Proy, good tutorial.

    So, I´m facing a problem here, after all the steps, I get an error where the mod_ssl cannot be loaded:
    “Cannot load modules/mod_ssl.so into server: %1 is not a valid Win32 application.”. At first I thought the problem was the Openssl version I got, which was the one you listed from google (x64). After trying the version WIN32 only said that the module couldn´t be loaded. I tried downloading the versions on Shining Light but also the same problem. Now when I start the Wamp server, the localhost is refusing all the requests.
    Any idea on where I can check?
    thanks

    Gustavo Marrara 12 months ago Reply


    • Further looking for a solution here, seems that the DLL files were not working and any of the ones I was finding online. Decided the pull them from the PHP 7 folder and now it´s working 🙂
      thanks again for the tutorial

      Gustavo Marrara 12 months ago Reply


      • Parameshwar Roy Proy 150x150 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

        I’ve made some changes. Try it now.

        P. Roy 10 months ago Reply


  • Followed everything, but I am getting an error in my ssl error log :

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] AH02577: Init: SSLPassPhraseDialog builtin is not supported on Win32 (key file C:/wamp64/bin/apache/apache2.4.27/conf/sslkeycert/server.crt)

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] AH02564: Failed to configure encrypted (?) private key localhost:443:0, check C:/wamp64/bin/apache/apache2.4.27/conf/sslkeycert/server.crt

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag

    Using the 64bit wamp , 64bit Google openssl files, and double checked everything was followed. Ideas?

    SM 12 months ago Reply


    • Parameshwar Roy Proy 150x150 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

      I’ve made some changes. Try it now.

      P. Roy 10 months ago Reply


      • You also have to comment the following line into httpd-ssl.conf : SSLPassPhraseDialog builtin
        => #SSLPassPhraseDialog builtin

        tekool 7 months ago Reply


  • I downloaded OpenSSL from Shining Light, which is an exe installer, not a zip file. I installed it in the default location (“C:\OpenSSL-Win64”). My WAMP64 (v3.1.0) already contains all the files listed in Step 3. Do I still have to copy/paste those files from the OpenSSL package to Wamp?
    There is no ssleay32.dll in the OpenSSL package.

    Gilbert 11 months ago Reply


  • Thanks. But the problem is that I get error 403 forbidden by accessing https://localhost !
    What is the problem?

    Pooria 11 months ago Reply


  • Thanks, the tutorial worked perfectly!

    Ivan 11 months ago Reply


  • Awesome article thanks for share this article

    Shipom 10 months ago Reply


  • Great article I have followed the steps bu i got following error

    SSLCertificateFile: file ‘C:/wamp64/bin/apache/apache2.4.23/conf/Key/certiicate.
    crt’ does not exist or is empty

    Php learner 9 months ago Reply


    • I have copied the certificate file and key file to the key folder..

      Php learner 9 months ago Reply


  • I got this error after running httpd -t
    “AH00526: Syntax error on line 52 of C:/wamp64/bin/apache/apache2.4.27/conf/extra/httpd-ssl.conf:
    Invalid command ‘SSLCipherSuite’, perhaps misspelled or defined by a module not included in the server configuration”

    karthick 9 months ago Reply


  • Hi,
    After doing all the step I am trying to restart my wamp, but, its stauck on the orange color.
    Do you have any idea why?
    Thank a lot.

    Kja Ja 9 months ago Reply


    • Parameshwar Roy Proy 150x150 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

      I think you need to review the steps.

      P. Roy 9 months ago Reply


      • Hi, After doing all the step I am trying to restart wamp, but, its stuck on the orange color.
        I checked multiple time, I do all the above steps correctly… I have no error logs, but when I close wamp and restart it, I get an error “apache server as stopped…”, it still launch but again stuck on orange !!!
        Do you have any idea why? Thank a lot.

        loky 4 months ago Reply


  • I Have done all the step but each browser says its is not secure there is red in chrome, not secure on mozilla.. please guide me

    thanks

    Ghufran 8 months ago Reply


    • Parameshwar Roy Proy 150x150 - How to Enable Localhost HTTPS (SSL) on WAMP Server (3.0.9)

      Warning will still be there. You need to add it to exception to access the page.

      P. Roy 8 months ago Reply


      • “Warning will still be there. You need to add it to exception to access the page. P. Roy”

        I am not sure what the point is of using a self-signed certificate outside. Https, ssl, tls, etc are for setting up secure/encrypted trusted connections between two parties (client/server or server/server) . Certificates and encryption are based on trust. When you use a self-signed certificate, there is no third-party Certificate Authority (Symantec, GlobalSign, Trustware, etc) involved in signing the certificate and therefore certifying your identity. Therefore a self-signed certificate is not considered trustworthy beyond your own local internal systems for internal purposes. Most browsers will indicate that the connection is not secure and advise not to enter or transmit sensitive data such as credit card numbers, passwords, login credentials, etc. Therefore, just because you can access a site that has “https” in the URL, doesn’t necessarily mean the connection is secured/encrypted.

        The real solution is to purchase web hosting and install a certificate that has been signed by a Certificate Authority on your web host server.

        https://support.mozilla.org/en-US/kb/insecure-password-warning-firefox?as=u&utm_source=inproduct

        Aramini 2 months ago Reply


  • Hi, thank you, thank you and thank you! It works.
    I have tried several another guides, but none works for me. This one works.
    Only add notic about browser warning – its ok on localhost 🙂
    Thank you.

    Michal Tiller 7 months ago Reply


  • Just wanted to say thanks! You made it so easy for even someone of my skill level to set this up on his machine. Kudos!!! (And your step 8 really made it possible to identify what was going wrong and get the green Wampserver icon back on my statusbar!)

    Sreeram 7 months ago Reply


  • Hi, gr8 tutorial…

    I have one question, for me is already running well in my localhost, I’ve downloaded the last open-ssl version and do the steps above in the tutorial, all is patient to configure the files. I’ll made an Spanish video tutorial to my YouTube channel if you concede me the rights ha-ha always given to you the credits.

    Well, this the question about…I running some “VirtualHost” in wamp, so when I running for example “buildsite.dev” this show me the page where I have to click on advance and add the exception but the button “Add Exception…” doesn’t appear…What can I’ll do in this case? can you help me please?

    Thanks in advance, and again gr8 tutorial…

    Jashirou 6 months ago Reply


  • Awesome!
    Work Smooth also won wamp64 (windows 64 version)
    Thanks!

    Guy 6 months ago Reply


  • Thank you for this tutorial.

    I did all the steps and the test is successful but still have a problem. I’m able to browse https://localhost as well as http://localhost. I have a couple of virtual host domains in httpd-vhost.conf and I can browse them normally without https BUT when I enter https://vhost-domain it redirects to WAMP https://localhost. Any idea how to fix this?

    Also the browser says that the connection is not secure.

    Thanks.

    Alex 6 months ago Reply


    • me too i face the same challenge the syntax is ok but still itsays http:localhost

      temam 2 months ago Reply


  • Thanks for this great tutorial. I just have one question. I followed all the steps and when I type httpd -t, it outputs SYNTAX OK. But when I open https://localhost/, there is a certificate error. Besides, I got this message: This site is not secure. This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately. Do you have any idea why? Appreciate it!

    longtao 6 months ago Reply


  • I combined the steps here with the steps at
    https://articlebin.michaelmilette.com/how-to-add-ssl-https-to-wampserver/
    to get my localhost accepted as https://

    Specifically the comments by Peter Cooper:
    I needed to use openssl to include Subject Alternative Names.
    edit C:\wamp64\bin\apache\apache2.4.27\conf\openssl.cnf

    Under [ Req ] section
    uncommented: req_extensions = v3_req

    Under [ v3_req ] section
    Added: extendedKeyUsage = serverAuth
    Added: subjectAltName = @alt_names

    Under [ v3_ca ] section
    Added: subjectAltName = @alt_names

    Added new section [ alt_names ] at the bottom of the file
    [ alt_names ]
    DNS.1 = localhost
    DNS.2 = http://www.localhost

    Then reloaded the new certificate into the Trusted Root Certification Authorities Store (using Chrome Settings/Advanced/Manage certificates. The Chrome Developer tools Security tab helped confirm any issues.

    Kin 5 months ago Reply


  • Thanks for the tutorial. I followed it to the letter, and httpd -t in the end gave me the “Syntax OK” message. However, http://localhost works, but https://localhost doesn’t work at all. So, no certificate errors or warnings, just plain “This site can’t be reached”. Any idea why?

    Momcilo 5 months ago Reply


  • For latest vesrion of openssl
    Those having problem with config file
    use this command first
    set OPENSSL_CONF=C:\OpenSSL-Win64\bin\cnf\openssl.cnf
    then
    openssl req -new -x509 -sha1 -key private.key -out certificate.crt -days 36500

    pushpen singh 4 months ago Reply


  • Hi. Great and clear tutorial. I followed all the steps and I got this error in logs:

    [ssl:warn] [pid 1192:tid 624] AH01906: localhost:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

    How should I fix it? Thanks!

    Razvan 4 months ago Reply


  • Hi. After doing all the steps I got this error in logs: [ssl:warn] [pid 2576:tid 600] AH01906: localhost:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    Installed on a Windows 10 64 bits machine. The http://localhost works great. but https://localhost not.
    In Chrome I’m getting NET::ERR_CERT_AUTHORITY_INVALID. “Your connection is not private”.
    What should I do? Thanks!

    Razvan 4 months ago Reply


  • After these steps My wamp is yellow not turning green, any help be appreciated. Thanks.

    Aditya 3 months ago Reply


  • thanks man!!

    it helps us a lot

    vijay kumar singh 3 months ago Reply


  • Hello PRoy,

    I followed your instructions with adjusted paths, but I get an error when checking syntax (Step 8):

    AH00526: Syntax error on line 87 of C:/wampserver/bin/apache/apache2.4.9/conf/ex
    tra/httpd-ssl.conf:
    SSLSessionCache takes one argument, SSL Session Cache storage (‘none’, ‘nonenotn
    ull’, ‘dbm:/path/to/file’)

    Line 87 is:
    SSLSessionCache “shmcb:c:/wampserver/bin/apache/apache2.4.9/logs/ssl_scache(512000)”

    The wampserver symbol stays yellow and doesn’t want to turn to green.
    What did I do wrong?

    Thank you,
    Stefan

    Stefan 3 months ago Reply


  • Thank you very much!

    manoj 3 months ago Reply


  • I got this error

    openssl req -new -x509 -sha1 -key private.key -out certificate.crt -days 36500 -config C:\OpenSSL-Win64\bin\openssl.cfg

    Can’t load ./.rnd into RNG
    6268:error:2406F079:random number generator:RAND_load_file:Cannot open file:crypto\rand\randfile.c:88:Filename=./.rnd

    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter ‘.’, the field will be left blank.

    Aqeel 4 weeks ago Reply


Leave A Reply