Throughout my web development career, I have worked on different projects some are big, some are small. Sometimes I have to work on web servers (production servers) that come with SSL enabled to use the HTTPS protocols and whereas my local development machines use HTTP, and this makes my development system different from the production one. But as a developer, I am sure that every developer always likes to have an exact environment like the production system. By default, we can’t use HTTPS for our WAMP connections. So here is the step-by-step tutorial on how I installed a self-signed SSL certificate on my local WAMP server to use HTTPS communication.
Step 1: Download and Install WAMP(Windows machine)
Download & install WAMP (Assuming that WAMP is installed, in my case, it’s on G:/ drive, I did it because I prefer to separate my projects from other files )
Step 2: Download OpenSSL
Download OpenSSL – Shining Light Productions choose the appropriate version according to your Operating system. I used “Win64 OpenSSL v1.1.0i Light“. While installing I have selected the default (C:\OpenSSL-Win64) installation folder.
Step 3: Create SSL Private Key and Certificate
Now we will generate a private key which is 2048bits encryption. “private.key” will be our key file. So to do that we need open the command-prompt and “Run as Administrator”. Go to the installed OpenSSL bin folder.
Once we are in the “bin” directory (Where the OpenSSL installed) type the following command to generate the private key. You will prompt to enter a pass-phrase (password) and also ask to verify the phrase, just enter any password(e.g. “localhost”) you like.
3.1. Generate the private key
openssl genrsa -aes256 -out private.key 2048
Now we will remove the passphrase (WAMP doesn’t support pass-phrase for key) from the RSA private key. We will also take a backup copy of the original file. It’ll ask you the pass-phrase(use the password entered on step 3.1).
3.2. Private key backup
copy private.key private.key.backup
3.3. Removing the passphrase (use the password entered on step 3.1)
openssl rsa -in private.key.backup -out private.key
Now we will generate a self-signed certificate, which will be used to certify the connection for encrypted traffic. “certificate.crt” will be our certificate. This is a single line command.
3.4. Creating the certificate
openssl req -new -x509 -sha1 -key private.key -out certificate.crt -days 36500 -config C:\OpenSSL-Win64\bin\openssl.cfg
You’ll be asked a few questions. Just make sure you enter your domain name (eg xxx.localhost.com), for Common Name (e.g. YOUR name). Once we are done, 2 files will be generated(
certificate.crt) in “C:\OpenSSL-Win64\bin”
Step 4: Copy the Created SSL Key and Certificate file
Now, create a folder “key“at: “G:\wamp\bin\apache\apache2.4.23\conf\key” and copy “private.key” and “certificate.crt” to “key” folder.
Step 5: Open httpd.conf, php.ini & uncomment
Open “httpd.conf” in a text editor, located at “G:\wamp\bin\apache\apache2.4.23\conf\httpd.conf“. uncomment these lines by removing at
# the beginning of the line, then save the file.
LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-ssl.conf LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Open “php.ini” in a text editor located at “G:\wamp\bin\php\php7.0.10\php.ini“. Check if this is uncommented.
Step 6: Open httpd-ssl.conf and make the final changes
Open “G:\wamp\bin\apache\apache2.4.23\conf\extra\httpd-ssl.conf“, Find “<VirtualHost _default_:443>” and below that line find and update below configuration according to your setup. Pay attention to the path, I ve created a folder “ssl” inside “G:/wamp/bin/apache/apache2.4.23/logs”
- Change “SessionCache….” → SSLSessionCache “shmcb:G:/wamp/bin/apache/apache2.4.23/logs/ssl/ssl_scache(512000)”
- Change “DocumentRoot …” → DocumentRoot “G:/wamp/www“
- Change “ServerName…” → ServerName “localhost:443“
- Change “ErrorLog….” → Errorlog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/error.log“
- Change “TransferLog ….” → TransferLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/access.log“
- Change “SSLCertificateFile ….” → SSLCertificateFile “G:/wamp/bin/apache/apache2.4.23/conf/key/certificate.crt“
- Change “SSLCertificateKeyFile ….” → SSLCertificateKeyFile “G:/wamp/bin/apache/apache2.4.23/conf/key/private.key“
- On the same file replace ‘<Directory “c:/Apache24/cgi-bin”>‘ with ‘<Directory “G:/wamp/www”>’
- On the same file Change “CustomLog….” → CustomLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/ssl_request.log“
Step 7: Copy PHP DDL files to windows
Copy ssleay32.dll & libeay32.dll from “G:\wamp\bin\php\php7.0.10” folder to “C:\windows\system32“.
Now restart all the services in WAMP server and try to load https://localhost/
Step 8: Test to make sure it works!
Now go back to command prompt window, from the G:\wamp\bin\apache\apache2.4.23\bin type the following and check if you are getting Syntax is OK