How to Enable Localhost HTTPS (SSL) on WAMP Server

How to install localhost https url on WAMP server 800x300 - How to Enable Localhost HTTPS (SSL) on WAMP Server

Throughout my web development career, I have worked on different projects some are big, some are small. Sometimes I have to work on web servers (production servers) that come with SSL enabled to use the HTTPS protocols and whereas my local development machines use HTTP, and this makes my development system different from the production one. But as a developer, I am sure that every developer always like to have an exact environment like the production system. So here is the step-by-step tutorial on how I installed self-created SSL certificate on my local WAMP server to use HTTPS communication.

Step 1: Download and Install WAMP(Windows machine)

Download & install WAMP (Assuming that WAMP is installed, in my case, it’s on G:/ drive, I did it because I prefer to separate my projects from other files )

Step 2: Download OpenSSL (32 bits/64 bits Windows)

I use the OpenSSL for Windows from google. You can use others Open SSL – Shining Light Productions

Step 3: Configure WAMP to use HTTP+SSL=HTTPS

Extract the downloaded OpenSSL zip file in step 2 and Copy/Replace following files to the destination given below. It is best practice to take a backup before making any changes.

Path to openssl.exe : G:\wamp\bin\apache\apache2.4.23\bin\openssl.exe
Path to libeay32.dll : G:\wamp\bin\apache\apache2.4.23\bin\libeay32.dll
Path to ssleay32.dll : G:\wamp\bin\apache\apache2.4.23\bin\ssleay32.dll
Path to openssl.cnf  : G:\wamp\bin\apache\apache2.4.23\conf\openssl.cnf
Depending on your WAMP installation “apache 2.4.xx” folder may be different

Step 4: Create SSL Key and Certificate

Now we will generate a private key which is 2048bits encryption. “localhost_ssl.key” will be our key file. So to do that we need open the command-prompt and “Run as Administrator”. Type the following command to go to the bin folder.

cd G:\wamp\bin\apache\apache2.4.23\bin

Once we are in the “bin” directory type the following command. You will prompt to enter a pass-phrase (password) and also ask to verify the phrase, just enter any password you like. e.g. “localhost”

openssl genrsa -aes256 -out server.key 2048

Now we will remove the pass phrase from the RSA private key. We will also take a backup copy of the original file. It’ll ask you the passphrase that was entered on the previous command, so just type it.

copy server.key server.key.backup
openssl rsa -in server.key.backup -out server.key

Now we will generate a self-signed certificate, which will be used to certify the connection for encrypted traffic. “localhost_certificate.crt” will be our certificate. This is a single line command.

openssl req -new -x509 -nodes -sha1 -days 365 -key server.key -out server.crt -config G:\wamp\bin\apache\apache2.4.23\conf\openssl.cnf

Step 5: Copy the Created SSL Key and Certificate file

Now, create a folder “sslkeycert“at: “G:\wamp\bin\apache\apache2.4.23\conf” and copy “server.key” and “server.crt” to “sslkeycert” folder.

Step 6: Open httpd.conf, php.ini & uncomment

Open “httpd.conf” in a text editor, located at “G:\wamp\bin\apache\apache2.4.23\conf\httpd.conf“.

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Open “php.ini” in a text editor located at “G:\wamp\bin\php\php5.6.25\php.ini“. You may find this uncommented.

extension=php_openssl.dll

Step 7: Open httpd-ssl.conf and make the final changes

Open “G:\wamp\bin\apache\apache2.4.23\conf\extra\httpd-ssl.conf“, find “<VirtualHost _default_:443>” and below that line find and update below configuration according to your setup:

  1. Change “DocumentRoot …” → DocumentRoot “G:/wamp/www
  2. Change “ServerName…” → ServerName “localhost:443
  3. Change “ErrorLog….” → Errorlog “G:/wamp/bin/apache/apache2.4.23/logs/sslerror.log
  4. Change “TransferLog ….” → TransferLog “G:/wamp/bin/apache/apache2.4.23/logs/sslaccess.log
  5. Change “SSLCertificateFile ….” → SSLCertificateFile “G:/wamp/bin/apache/apache2.4.23/conf/sslkeycert/server.crt
  6. Change “SSLCertificateKeyFile ….” → SSLCertificateKeyFile “G:/wamp/bin/apache/apache2.4.23/conf/sslkeycert/server.key
  7. On the same file replace ‘<Directory “c:/Apache24/cgi-bin”>‘ with ‘<Directory “G:/wamp/www”>’
  8. On the same file Change “CustomLog….” → CustomLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl_request.log

Step 8: Test to make sure it works!

Now go back to command prompt window, from the G:\wamp\bin\apache\apache2.4.23\bin  type the following and check if you are getting Syntax is OK

httpd –t

Now restart all the services in WAMP server and try to load https://localhost/

About This Author

My name is Parameshwar Roy (P. Roy), and I am a web developer. This is my personal blog to record my own thoughts. Though I am not a natural writer, I love to share my experiences. Hope my experiences will be useful to you…read more about me

25 Comments

You can post comments in this post.


  • Great article, very much appreciated. Just curious, when I test the actual localhost, should I still get the messages in the browser that the site is not secure or add an exception for the site? I believe this may be the default settings in the browsers that I am using; firefox, edge, and chrome.

    James 5 months ago Reply


  • C:\wamp64\bin\apache\apache2.4.23\bin>httpd -t
    httpd: Syntax error on line 184 of C:/wamp64/bin/apache/apache2.4.23/conf/httpd.
    conf: Cannot load modules/mod_ssl.so into server: O sistema operacional n\xe3o p
    ode executar %1.

    i have this problem
    Regards

    luis cachinho 5 months ago Reply


  • Hi, thank you, it works great! You have one small mistake: “serer.key” -> “server.key” 🙂

    Vaclav Cernik 4 months ago Reply


  • Great tutorial – worked perfectly. Saved me a lot of time. Big and many thanks!

    Small remark:
    In Step 2 it turns out that Google’s OpenSSL is too old for my WAMP with Apache 2.4.23.
    However, using Shining Light Productions’ build Win64 OpenSSL v1.0.2L worked just fine.
    (I did not use the latest Win64 OpenSSL v1.1.0f Light because Stack Overflow article cannot-load-modules-mod-ssl-so-into-server advised against it.)

    Thank you again,
    Bogdan

    Bogdan 4 months ago Reply


  • Awesome man, thank you so much. Works great on Windows 10. Only thing I needed to change in each snippet of code was my directory, which is “C:” and change “wamp” to “wamp64” since I was using that version.

    For anyone else coming here, everything went as smooth as butter, except for one tiny thing. When I was going through http.conf and making the changes Proy suggested, when I did a search for the line, “LoadModule socache_shmcb_module modules/mod_socache_shmcb.so”, the text editor said it couldn’t find it. It’s definitely in there, so don’t let that distract you.

    Daniel Zuzevich 4 months ago Reply


  • this work for me thanx buddy…….

    chamara 3 months ago Reply


  • Hi, there’s no openssl.cnf file when I downloaded OpenSSL. And also it is an exe file, not zip file.
    And I think because of that I got error “Can’t open config file: /usr/local/ssl/openssl.cnf”

    Dandy 3 months ago Reply


    • Hello, install openSSL.exe and OpenSSL-Win64\bin , copy openssl.cfg and rename to openssl.cnf.

      Asish 2 months ago Reply


  • in step 8
    i had this error :
    httpd: Syntax error on line 184 of D:/wamp64/bin/apache/apache2.4.23/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: Le syst\xe8me d\x92exploitation ne peut pas ex\xe9cuter %1.

    ouldfella 3 months ago Reply


  • Hi, could you please tell me one thing, if i configured like your way.
    then all my projects will run on ssl way like that i done my project without ssl:
    http://localhost/abc
    http://localhost/def

    Then those will run with https://localhost/abc, https://localhost/def etc like that?

    kh ashique 2 months ago Reply


  • Hello,
    everything is working perfect on localhost. Initially in faced issue while accessing it on another ip.I configured vhosts.conf as below to make it work.

    # Virtual Hosts
    #

    ServerName localhost
    DocumentRoot c:/wamp64/www

    Options +Indexes +FollowSymLinks +MultiViews
    AllowOverride All
    Require all granted

    I can access http://myip on local LAN, but when i access https://myip , i’m getting following error:
    “Forbidden
    You don’t have permission to access / on this server.
    Apache/2.4.27 (Win64) OpenSSL/1.1.0f PHP/5.6.31 Server at 10.179.204.29 Port 443 ”

    Thanks in advance!
    Asish

    Asish 2 months ago Reply


    • Fixed: edit httpd-ssl.conf as below @ line number 256.

      SSLOptions +StdEnvVars

      #Options FollowSymLinks
      Options +Indexes +Includes +FollowSymLinks +MultiViews
      AllowOverride All
      Require all granted

      Asish 2 months ago Reply


  • Super, Super, Super… Really helpful my dear friend

    Anand Raju 2 months ago Reply


  • The procedure is great, but something went wrong on windows 10. Plus I had to use 1.0.2 SSL as another user did. When I try to restart my services the apache service will not start. There are not any errors logged either. I think it might have something to do with the port conflict.

    Tom Lee 2 months ago Reply


  • Hi Proy, good tutorial.

    So, I´m facing a problem here, after all the steps, I get an error where the mod_ssl cannot be loaded:
    “Cannot load modules/mod_ssl.so into server: %1 is not a valid Win32 application.”. At first I thought the problem was the Openssl version I got, which was the one you listed from google (x64). After trying the version WIN32 only said that the module couldn´t be loaded. I tried downloading the versions on Shining Light but also the same problem. Now when I start the Wamp server, the localhost is refusing all the requests.
    Any idea on where I can check?
    thanks

    Gustavo Marrara 2 months ago Reply


    • Further looking for a solution here, seems that the DLL files were not working and any of the ones I was finding online. Decided the pull them from the PHP 7 folder and now it´s working 🙂
      thanks again for the tutorial

      Gustavo Marrara 2 months ago Reply


  • Followed everything, but I am getting an error in my ssl error log :

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] AH02577: Init: SSLPassPhraseDialog builtin is not supported on Win32 (key file C:/wamp64/bin/apache/apache2.4.27/conf/sslkeycert/server.crt)

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] AH02564: Failed to configure encrypted (?) private key localhost:443:0, check C:/wamp64/bin/apache/apache2.4.27/conf/sslkeycert/server.crt

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSA)

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag

    [Tue Oct 24 11:52:30.957450 2017] [ssl:emerg] [pid 1420:tid 632] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)

    Using the 64bit wamp , 64bit Google openssl files, and double checked everything was followed. Ideas?

    SM 2 months ago Reply


  • I downloaded OpenSSL from Shining Light, which is an exe installer, not a zip file. I installed it in the default location (“C:\OpenSSL-Win64”). My WAMP64 (v3.1.0) already contains all the files listed in Step 3. Do I still have to copy/paste those files from the OpenSSL package to Wamp?
    There is no ssleay32.dll in the OpenSSL package.

    Gilbert 1 month ago Reply


  • Thanks. But the problem is that I get error 403 forbidden by accessing https://localhost !
    What is the problem?

    Pooria 4 weeks ago Reply


  • Thanks, the tutorial worked perfectly!

    Ivan 3 weeks ago Reply


Leave A Reply