Setting up HTTPS support for WAMP

If you use WAMP to get local PHP server, you might run into issues to set up the HTTPS. The following step-by-step tutorial indeed helped me, and I think it would be useful to re-post it.
Recently I had to run a website with several https links under local server for testing and I had to configure the Open SSL server that comes with WAMP server. I'm sure it would be helpful for you as well.

  1. First thing first, we need to create that self-signed SSL certificate, so go to DOS command prompt (Start menu -> Run -> cmd).
  2. ext, we need to navigate to the directory that contains the openssl executive file which is located in folder C:\wamp\bin\apache\apache2.2.11\bin by default. In order to go there, we need to type the command as follows.
    Code: Select all
    cd\wamp\bin\apache\apache2.2.11\bin

  3. After press Enter, your prompt should change as follows
    Code: Select all
    c:\wamp\bin\apache\apache2.2.11\bin>

    From there, we begin to create the self-signed SSL certificate and the first command you have to type is as follows.
    Code: Select all
    openssl genrsa -aes256 -out pass.key 2048
  4. After press Enter and wait a little while, it should ask you for a pass phrase. Just type in anything but make sure you have to remember that for later use. Of course, it will ask you to verify the pass phrase.
    You may type test123 for testing.
  5. Now, we will create the key for our server. In this tutor guide for HTTPS SSL on WAMP, we will use our domain ExpertCore, but you should use your domain or design name instead.
    Code: Select all
    openssl rsa -in pass.key -out expertcore.key

  6. Next, it will ask you to enter the pass phrase that you have created before. Wait a little while for it to write the key for your server.
  7. Now is the time to type in the command to create our self-signed SSL certificate; since this command is quite long, you will see it takes more than one line, so make sure not to press the Enter key until you finish the whole command.
    Code: Select all
    openssl req -new -x509 -nodes -sha1 -key expertcore.key -out expertcore.crt -days 999 -config C:\wamp\bin\apache\apache2.2.11\conf\openssl.cnf

  8. After press Enter, it will ask you to input 2 letters that presents your country. You can enter LK, US, IN, JP, etc... that represents your country. Next you have to input your State or Province, City, Organization Name, Organization Unit Name, Common Name and Email address.
  9. Guess what, you just got yourself a self-signed SSL certificate. Now, open folder c:\wamp\bin\apache\apache2.2.11\conf and create a new folder "ssl" (without quotes).
  10. Then, from folder c:\wamp\bin\apache\apache2.2.11\bin, copy 2 files key and crt to ssl folder.
  11. Create another folder named as "logs" inside c:\wamp\bin\apache\apache2.2.11\conf\ssl. We save all HTTPS transaction and error logs in this folder.
  12. After that, go to folder c:\wamp\bin\apache\apache2.2.11\conf\extra to open file httpd-ssl.conf.
  13. Find this line:
    Code: Select all
    SSLSessionCache "shmcb:C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"


    Replace with:
    Code: Select all
    SSLSessionCache "shmcb:C:/wamp/bin/Apache/apache2.2.11/conf/ssl/logs/ssl_scache(512000)"

  14. Next find this line:
    Code: Select all
    SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.crt"


    Remember to substitute expertcore with your domain to replace with:
    Code: Select all
    SSLCertificateFile "C:/wamp/bin/Apache/apache2.2.11/conf/ssl/expertcore.crt"

  15. Then find:
    Code: Select all
    SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.key"


    Again, substitute expertcore with your domain to replace:
    Code: Select all
    SSLCertificateKeyFile "C:/wamp/bin/Apache/apache2.2.11/conf/ssl/expertcore.key"

  16. Then find:
    Code: Select all
    SSLMutex "file:C:/Program Files/Apache Software Foundation/Apache2.2/conf/ssl/logs/ssl_mutex"


    Replace with:
    Code: Select all
    SSLMutex default

  17. In Virtual Host, find these lines: (ssl34.jpg).
    Code: Select all
    # General setup for the virtual host
    DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
    ServerName localhost:443
    ServerAdmin admin@localhost
    ErrorLog "C:/Program Files/Apache Software Foundation/Apache2.2/logs/error_log"
    TransferLog "C:/Program Files/Apache Software Foundation/Apache2.2/logs/access_log"


    HTTPS SSL is the secure transaction which is good for sensitive informations such as Credit card numbers, membership accounts... however, it might slow down your server performances if everything go through it; thus, we suggest that you only set it to the specific directory that you want to use for SSL, and in this example, we use folder ssl:
    Code: Select all
    # General setup for the virtual host
    DocumentRoot "C:/wamp/www/ssl"
    ServerName expertcore:443
    ServerAdmin admin@localhost
    ErrorLog "C:/wamp/bin/Apache/apache2.2.11/conf/ssl/logs/ssl_error.log"
    TransferLog "C:/wamp/bin/Apache/apache2.2.11/conf/ssl/logs/ssl_access.log"

  18. Then find:
    Code: Select all
    <Directory "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin">
    SSLOptions +StdEnvVars
    </Directory>


    Modify to become as below:
    Code: Select all
    <Directory "C:/wamp/www/ssl">
    SSLOptions +StdEnvVars
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
    </Directory>

  19. Then find:
    Code: Select all
    CustomLog "C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_request_log" \"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


    And change it as below:
    Code: Select all
    CustomLog "C:/wamp/logs/ssl_request.log" \
        "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

  20. Next, open file httpd.conf in folder c:\wamp\bin\apache\apache2.2.11\conf and find these lines:

    Code: Select all
    # Secure (SSL/TLS) connections
    #Include conf/extra/httpd-ssl.conf


    Uncomment the second line, and make sure there is no blank space in front of second line and in the end of first line or your wamp will not run:

    Code: Select all
    # Secure (SSL/TLS) connections
    Include conf/extra/httpd-ssl.conf

  21. After save and close all files, left click on WAMP tray icon and navigate to Apache modules and scroll down until you get ssl_module; then, left click on it to enable SSL on WAMP.
  22. Next, navigate to PHP extensions and scroll down until you get php_openssl; then, left click on it to enable open_ssl on WAMP.
  23. Left click on the WAMP tray icon and click on Restart all services.
  24. After that, open folder C:\wamp\bin\apache\apache2.2.11\bin and copy 2 files libeay32.dll and ssleay32.dll and paste them in folder C:\Windows\System32.
  25. Now is the time to test our HTTPS SSL on WAMP, so open your desire text editor and create a simple webpage index.html which is then saved in folder C:\wamp\www\ssl as follows:
    Code: Select all
    <html>
    <    body>
    <    font size="5" color="red">test SSL successful</font>
    </    body>
    </    html>

  26. Now is the time to run the created test file; open your desire browser and input the address bar as below, remember to replace expertcore with your domain or design name:
    Code: Select all
    https://expertcore....

  27. Oops, error... If using Firefox, you can left click on the line "Or you can add an exception...". Again, left click on the button "Add Exception".
  28. On the popup windows, left click on the button "Get Certificate".
  29. You have to left click on the button "Confirm Security Exception".
  30. The moment of success that show up the red line in your browser.
    SSL successful

This is not my work, this is re-post of user named Saman in ExpertCore.org forum (Source)

Comments

Post a Comment

Popular posts from this blog

Exporting Skype Chat/Skype Contacts to csv file using the shell script and sqlite3 (usually already installed on mac)

Edit: a very first draft version of Skype Exporter have been made and released. https://github.com/renesto/SkypeExportSwift/releases check it, and report any issues to renesto-at-gmail.com I heard there are not so many nice ways to get the chat history from skype, so I came across a page of one guy who shows a way to open the sql chat history database and delete all conversations. I thought to make something more from that idea (as delete chat history is now one of the options in skype) Create a file exportFromSkype.sh place either this text: sqlite3 -batch "$HOME/Library/Application Support/Skype/$1/main.db" < <EOF .mode csv .output $2.csv select * from Messages where dialog_partner = '$2'; .output stdout .exit EOF now make the script executable by running chmod +x exportFromSkype.sh now, when you want to export some chat history from certain person, you can do it by: sh exportFromSkype.sh your_skype_name your_friends_skype_name and i...
Read more

Javascript comparison operators

I came across very nice short explanation of the differences between == and === comparison operators. I have copied this into my blog just in case the post gets deleted from stackoverflow for whatever reason. The identity (===) operator behaves identically to the equality (==) operator except no type conversion is done, and the types must be the same to be considered equal. Reference: Javascript Tutorial: Comparison Operators The == operator will compare for equality after doing any necessary type conversions . The === operator will not do the conversion, so if two values are not the same type === will simply return false. It's this case where === will be faster, and may return a different result than ==. In all other cases performance will be the same. To quote Douglas Crockford's excellent JavaScript: The Good Parts , JavaScript has two sets of equality operators: === and !== , and their evil twins == and != . The good ones work the way you would expect. ...
Read more

SAS and Web/REST Service Calls

SAS offers a possibility to communicate with Web Services and REST services using a couple of tools. Most important products of SAS required to properly communicate with Web Services/REST Services are: PROC SOAP PROC HTTP XML Library Engine (xmlv2) The following examples show how are these coupled together: Calling and Parsing the Web Service using SAS Calling and Parsing the REST service using SAS
Read more