[Windows] SSL/HTTPS Certificate with XAMPP
1 - v3.ext:
Create a file v3.ext in C:/xampp/apache/ and paste the following content:
v3.ext
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
IP = 127.0.0.12 - makecert.bat:
Edit makecert.bat in C:/xampp/apache/ following the example below:
makecert.bat
@echo off
set OPENSSL_CONF=./conf/openssl.cnf
if not exist .\conf\ssl.crt mkdir .\conf\ssl.crt
if not exist .\conf\ssl.key mkdir .\conf\ssl.key
bin\openssl req -new -out server.csr
bin\openssl rsa -in privkey.pem -out server.key
bin\openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 500 -sha256 -extfile v3.ext
set OPENSSL_CONF=
del .rnd
del privkey.pem
del server.csr
move /y server.crt .\conf\ssl.crt
move /y server.key .\conf\ssl.key
echo.
echo -----
echo The certificate was provided.
echo.
pause3 - Create the Certificate:
Execute the makecert.bat.
A window with several questions will appear on the screen which you will need to answer:
Creating the Certificate
Generating a RSA private key
……………………………………………..+++++
……………………………………………………………………………+++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:CREATE A PASSWORD
Verifying - Enter PEM pass phrase:Re-enter the PASSWORD
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Estate
Locality Name (eg, city) []:City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Name
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:Name
Email Address []:[email protected]
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Enter pass phrase for privkey.pem: Re-enter the PASSWORD
writing RSA key
Signature ok
subject=C = US, ST = Estate, L = City, O = WebiG, CN = localhost, emailAddress = [email protected]
Getting Private key
Não foi possível encontrar C:\xampp\apache\.rnd
1 arquivo(s) movido(s).
1 arquivo(s) movido(s).
-----
The certificate was provided.
Press any key to continue. . .With the Certificate created, you need to restart Apache so that it can execute the new certificates.
4 - Install the Certificate:
Go to C:\xampp\apache\conf\ssl.crt and open server.crt;
Click in the button Install Certificate;
Select Actual User;
Select “Place all certificates in the following repository” and click “Browse”.
In the new window that opens, select “Trusted Root Certification Authorities” and click “Ok” and then click “Next” and finally “Finish”.
To conclude, restart Apache in the XAMPP Administrative Panel, that is, stop and start it again.
If everything worked, when updating https://localhost or https://127.0.0.1 in the browser, the lock should be activated and the page loaded.
5 - Changing Apache and SSL VirtualHost Port:
To change Apache Port to 8080, go to C:\xampp\apache\conf\ and edit httpd.conf:
Find for:
Listen 80Change to:
Listen 8080To change the SSL VirtualHost Port to 8080, go to C:\xampp\apache\conf\extra and edit httpd-ssl.conf:
Comment this VirtualHost:
Add this VirtualHost below:
Then the SSL/HTTPS will work with Port 8080.
Restart Apache in the XAMPP Administrative Panel.
6 - Credits:
Majesty (Apache and SSL VirtualHost Port)
Last updated