How to Enable HTTPS / SSL on WAMP Server

-


Why Would I Need HTTPS / SSL on WampServer?

The time has come for all websites to migrate to HTTPS. Effective July 2018, Google’s Chrome browser will mark non-HTTPS sites as “not secure”. Google has been pushing webmasters to make the change to non-secure websites for many years now including hinting at small rankings boost. SSL stands for “Secure Sockets Layer” and when a website owner has one, all data passed between web browsers and servers is private and encrypted.

WampServer is a great tool for building a website on your local computer but as of right now it does not support HTTPS / SSL out of the box. Building your website from the ground up with HTTPS / SSL in mind can save you a lot of problems when you finally do put your site online. In the tutorial below, I will show you how to set up HTTPS / SSL for WampServer using OpenSSL.

Step 1: Download and Install WampServer

Wampserver is available in both 32 and 64 bit. Make sure you select the correct installer for your version of Windows. Wampserver is not compatible with Windows XP, SP3, or Windows Server 2003. The latest version of WampServer can be found here https://sourceforge.net/projects/wampserver/.

Step 2: Download and Install OpenSSL

OpenSSL is available in both 32 and 64 bit. Make sure you select the correct installer for your version of Windows. You can find the latest version of OpenSSL here https://slproweb.com/products/Win32OpenSSL.html. Navigate to your downloads folder and double click the installer. When Installing OpenSSL leave all settings default.

Step 3: Create Your Key and Certificate

Open your start menu and Load Command Prompt as an Administrator and run the following commands.

First, we will need to change our directory to where we installed OpenSSL.

cd c:/program files/openssl-win64/bin/
Batch

Next, we will create our private key. You will be asked for a passphrase. Make it anything you want just make sure you remember it for the next step.

openssl genrsa -aes256 -out private.key 2048
Batch
openssl rsa -in private.key -out private.key
Batch

Next, we will create our certificate. You will be asked several questions on this step. You can put whatever you like or just hit enter to leave it at default. The only one that really matters is Common Name (e.g. server FQDN) you will need to type “localhost” for this.

openssl req -new -x509 -nodes -sha1 -key private.key -out certificate.crt -days 36500
Batch

Step 4: Move Your Key and Certificate

Create a folder named “key” in the c:/wamp64/bin/apache/apache2.4.41/conf/ directory.

Navigate to c:/program files/openssl-win64/bin/ to find the certificate.crt and private.key that you just created. Both of these need to be moved to the new folder c:/wamp64/bin/apache/apache2.4.41/conf/key/.

Step 5: Edit Your httpd.conf File

Open c:/wamp64/bin/apache/apache2.4.41/conf/httpd.conf and un-comment (remove the #) the following 3 lines:

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Apache Configuration

Step 6: Edit Your httpd-ssl.conf File

Open c:/wamp64/bin/apache/apache2.4.41/conf/extra/httpd-ssl.conf and change all the parameters to the ones shown below.

DocumentRoot "c:/wamp64/www"
ServerName localhost:443
ServerAdmin admin@example.com
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
SSLSessionCache "shmcb:${SRVROOT}/logs/ssl_scache(512000)"
SSLCertificateFile "${SRVROOT}/conf/key/certificate.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/key/private.key"
CustomLog "${SRVROOT}/logs/ssl_request.log"
Apache Configuration

DocumentRoot needs to be set to the location of your website files. ServerName can be “localhost” or however you choose to access the website in your web browser “example.com”.

Step 7: Restart WampServer

Everything should be set up now. Make sure you restart WampServer for the changes to take effect. If you see a green WAMP icon everything should be right. If the icon is orange there is a problem with your syntax somewhere.

You can run c:/wamp64/bin/apache/apache2.4.41/bin/httpd -t in command prompt and if there are any syntax errors they will be listed.

You should now be able to access your website with HTTPS / SSL enabled.

Keep in mind that you will still get a “not secure” warning in your web browser. Just add an exception and you will be able to access the website. This is a self-signed certificate and is for development purposes only.

Comments

Post a Comment

Popular posts from this blog

How to download a file using command prompt (cmd) Windows?

-
Image
If you’re like most Internet users, you download various types of files now and then. You either download these files with your web browser or some download manager software. Have you ever considered downloading files using the command prompt i.e. CMD? If not, we recommend you to try it. It’s quite interesting apart from being very useful as well. In this article, we’ll show you how to download a file using command prompt aka CMD. How to download a file using command prompt?   There are several useful commands for the Command Prompt and one of them is  bitsadmin . Though bitsadmin has several uses, here we shall limit this article to its role in downloading files only. If you want to read the details about bitsadmin syntax, continue reading this section. Otherwise, you can scroll down to the next section –  Downloading a file .   The syntax of bitsadmin is : BITSADMIN [/RAWRETURN] [/WRAP | /NOWRAP] command   As you know, the parts of the syntax inside the square bra
Read more

The future of Artificial Intelligence: 6 ways it will impact everyday life

-
Image
Technology moves at breakneck speed, and we now have more power in our pockets than we had in our homes in the 1990s. Artificial intelligence (AI) has been a fascinating concept of science fiction for decades, but many researchers think we’re finally getting close to making AI a reality.  NPR notes that in the last few years, scientists have made breakthroughs in “machine learning,” using neural networks, which mimic the processes of real neurons. This is a type of “deep learning” that allows machines to process information for themselves on a very sophisticated level, allowing them to perform complex functions like facial recognition. Big data is speeding up the AI development process, and we may be seeing more integration of AI technology in our everyday lives relatively soon. While much of this technology is still fairly rudimentary at the moment, we can expect sophisticated AI to one day significantly impact our everyday lives. Here are 6 ways AI might affect us in the futu
Read more

How to Include ThreeJs in Your Projects

-
Image
HOW TO INCLUDE three.js IN YOUR PROJECTS There are quite a few different ways to include three.js in your JavaScript application, some of them simple, some of them a little more complex, however, they all boil down to one simple idea: you need to include one (and  only one) of these three files in your project: three.js three.min.js three.module.js You can view them all  on the three.js GitHub repo , which we’ll explore in the next chapter. Each of these files a version of the three.js core, meaning that once you’ve included one of them in your application, you are all ready to get started in creating beautiful 3D scenes. There are two main ways to include these files in your project: include them in a  script tag  in your HTML import them directly into your JavaScript files. We’ll explore how to do in Section Two What’s the Difference Between these Files? The  three.js  file is intended to be included in a  <script>  tag in your  index.html  file, like s
Read more