[Windows] SSL/HTTPS Certificate with XAMPP

1 - v3.ext:

Create a file v3.ext in C:/xampp/apache/ and paste the following content:

v3.ext

authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
IP = 127.0.0.1

2 - makecert.bat:

Edit makecert.bat in C:/xampp/apache/ following the example below:

makecert.bat

@echo off
set OPENSSL_CONF=./conf/openssl.cnf

if not exist .\conf\ssl.crt mkdir .\conf\ssl.crt
if not exist .\conf\ssl.key mkdir .\conf\ssl.key

bin\openssl req -new -out server.csr
bin\openssl rsa -in privkey.pem -out server.key
bin\openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 500 -sha256 -extfile v3.ext

set OPENSSL_CONF=
del .rnd
del privkey.pem
del server.csr

move /y server.crt .\conf\ssl.crt
move /y server.key .\conf\ssl.key

echo.
echo -----
echo The certificate was provided.
echo.
pause

3 - Create the Certificate:

Execute the makecert.bat.
A window with several questions will appear on the screen which you will need to answer:

Creating the Certificate

Generating a RSA private key
……………………………………………..+++++
……………………………………………………………………………+++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:CREATE A PASSWORD

Verifying - Enter PEM pass phrase:Re-enter the PASSWORD

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,

If you enter '.', the field will be left blank.

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Estate
Locality Name (eg, city) []:City 
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Name
Organizational Unit Name (eg, section) []: 
Common Name (e.g. server FQDN or YOUR name) []:Name
Email Address []:email@example.com 

Please enter the following 'extra' attributes 
to be sent with your certificate request 
A challenge password []: 
An optional company name []: 
Enter pass phrase for privkey.pem: Re-enter the PASSWORD
writing RSA key 
Signature ok 
subject=C = US, ST = Estate, L = City, O = WebiG, CN = localhost, emailAddress = email@example.com
Getting Private key 
Não foi possível encontrar C:\xampp\apache\.rnd 
    1 arquivo(s) movido(s). 
    1 arquivo(s) movido(s). 

-----
The certificate was provided. 

Press any key to continue. . .

With the Certificate created, you need to restart Apache so that it can execute the new certificates.

4 - Install the Certificate:

Go to C:\xampp\apache\conf\ssl.crt and open server.crt;
Click in the button Install Certificate;
Select Actual User;
Select “Place all certificates in the following repository” and click “Browse”.
In the new window that opens, select “Trusted Root Certification Authorities” and click “Ok” and then click “Next” and finally “Finish”.
To conclude, restart Apache in the XAMPP Administrative Panel, that is, stop and start it again.
If everything worked, when updating https://localhost or https://127.0.0.1 in the browser, the lock should be activated and the page loaded.

5 - Changing Apache and SSL VirtualHost Port:

To change Apache Port to 8080, go to C:\xampp\apache\conf\ and edit httpd.conf:
Find for:
Listen 80
Change to:
Listen 8080
To change the SSL VirtualHost Port to 8080, go to C:\xampp\apache\conf\extra and edit httpd-ssl.conf:
Comment this VirtualHost:

#<VirtualHost _default_:443>

Add this VirtualHost below:

<VirtualHost *:443 *:8080>

Then the SSL/HTTPS will work with Port 8080.
Restart Apache in the XAMPP Administrative Panel.

6 - Credits:

WEBIG
Majesty (Apache and SSL VirtualHost Port)

Last updated 4 months ago