Knowledgebase

By default, we can’t use HTTPS for our WAMP connections. So here is the step-by-step tutorial on how I installed a self-signed SSL certificate on my local WAMP server to use HTTPS communication.

Step 1: Download and Install WAMP(Windows machine)

Download & install WAMP (Assuming that WAMP is installed, in my case, it’s on G:/ drive, I did it because I prefer to separate my projects from other files )

Step 2: Download OpenSSL

Download OpenSSL – Shining Light Productions choose the appropriate version according to your Operating system. I used “Win64 OpenSSL v1.1.0i Light“. While installing I have selected the default (C:\OpenSSL-Win64) installation folder.

Step 3: Create SSL Private Key and Certificate

Now we will generate a private key which is 2048bits encryption. “private.key” will be our key file. So to do that we need open the command-prompt and “Run as Administrator”. Go to the installed OpenSSL bin folder.

C:\OpenSSL-Win64\bin>

C:\OpenSSL-Win64\bin>

Once we are in the “bin” directory (Where the OpenSSL installed) type the following command to generate the private key. You will prompt to enter a pass-phrase (password) and also ask to verify the phrase, just enter any password(e.g. “localhost”) you like.
3.1. Generate the private key

openssl genrsa -aes256 -out private.key 2048

openssl genrsa -aes256 -out private.key 2048

Now we will remove the passphrase (WAMP doesn’t support pass-phrase for key) from the RSA private key. We will also take a backup copy of the original file. It’ll ask you the pass-phrase(use the password entered on step 3.1).

3.2. Private key backup

copy private.key private.key.backup

copy private.key private.key.backup

3.3. Removing the passphrase (use the password entered on step 3.1)

openssl rsa -in private.key.backup -out private.key

openssl rsa -in private.key.backup -out private.key

Now we will generate a self-signed certificate, which will be used to certify the connection for encrypted traffic. “certificate.crt” will be our certificate. This is a single line command.

3.4. Creating the certificate

openssl req -new -x509 -sha1 -key private.key -out certificate.crt -days 36500

openssl req -new -x509 -sha1 -key private.key -out certificate.crt -days 36500

You’ll be asked a few questions. Just make sure you enter your domain name (eg xxx.localhost.com), for Common Name (e.g. YOUR name). Once we are done, 2 files will be generated(private.key and certificate.crt) in “C:\OpenSSL-Win64\bin”

Step 4: Copy the Created SSL Key and Certificate file

Now, create a folder “key“at: “G:\wamp\bin\apache\apache2.4.23\conf\key” and copy “private.key” and “certificate.crt” to “key” folder.

Step 5: Open httpd.conf, php.ini & uncomment

Open “httpd.conf” in a text editor, located at “G:\wamp\bin\apache\apache2.4.23\conf\httpd.conf“. uncomment these lines by removing at# the beginning of the line, then save the file.

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Open “php.ini” in a text editor located at “G:\wamp\bin\php\php7.0.10\php.ini“. Check if this is uncommented.

extension=php_openssl.dll

extension=php_openssl.dll

Step 6: Open httpd-ssl.conf and make the final changes

Open “G:\wamp\bin\apache\apache2.4.23\conf\extra\httpd-ssl.conf“, Find “<VirtualHost _default_:443>” and below that line find and update below configuration according to your setup. Pay attention to the path, I ve created a folder “ssl” inside “G:/wamp/bin/apache/apache2.4.23/logs”

1. Change “SessionCache….” → SSLSessionCache “shmcb:G:/wamp/bin/apache/apache2.4.23/logs/ssl/ssl_scache(512000)”
2. Change “DocumentRoot …” → DocumentRoot “G:/wamp/www“
3. Change “ServerName…” → ServerName “localhost:443“
4. Change “ErrorLog….” → Errorlog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/error.log“
5. Change “TransferLog ….” → TransferLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/access.log“
6. Change “SSLCertificateFile ….” → SSLCertificateFile “G:/wamp/bin/apache/apache2.4.23/conf/key/certificate.crt“
7. Change “SSLCertificateKeyFile ….” → SSLCertificateKeyFile “G:/wamp/bin/apache/apache2.4.23/conf/key/private.key“
8. On the same file replace ‘<Directory “c:/Apache24/cgi-bin”>‘ with ‘<Directory “G:/wamp/www”>’
9. On the same file Change “CustomLog….” → CustomLog “G:/wamp/bin/apache/apache2.4.23/logs/ssl/ssl_request.log“

Step 6: In Quick Version

Open "G:\wamp\bin\apache\apache2.4.23\conf\httpd.conf",
1. Add (Define SRVROOT "${INSTALL_DIR}") after (Define INSTALL_DIR e:/wamp)
2. Find "<VirtualHost _default_:443>" and below that line Change "DocumentRoot …" → DocumentRoot "${SRVROOT}/www"
3. Now, create a folder "conf"at: "G:\wamp" and copy "private.key" and "certificate.crt" to "key" folder.
4. Rename the private.key -> server.key and certificate.crt -> server.crt

Open "G:\wamp\bin\apache\apache2.4.23\conf\httpd.conf",
1. Add (Define SRVROOT "${INSTALL_DIR}") after (Define INSTALL_DIR e:/wamp)
2. Find "<VirtualHost _default_:443>" and below that line Change "DocumentRoot …" → DocumentRoot "${SRVROOT}/www"
3. Now, create a folder "conf"at: "G:\wamp" and copy "private.key" and "certificate.crt" to "key" folder.
4. Rename the private.key -> server.key and certificate.crt -> server.crt

Step 7: Copy PHP DDL files to windows

Copy ssleay32.dll & libeay32.dll from “G:\wamp\bin\php\php7.0.10” folder to “C:\windows\system32“.

Now restart all the services in WAMP server and try to load https://localhost/

Step 8: Test to make sure it works!

Now go back to command prompt window, from the G:\wamp\bin\apache\apache2.4.23\bin  type the following and check if you are getting Syntax is OK

httpd –t