Tips and tricks on developing web sites

Setting up Apache for SSL/HTTPS

There are a lot of ways to do this, and it can be quite frustrating depending on what path you decide to take. This method works for me. Open C:\Apache24\conf\httpd.conf in your text editor. Change the following lines:

#LoadModule ssl_module modules/mod_ssl.so   Remove Comment
LoadModule ssl_module modules/mod_ssl.so
#Include conf/extra/httpd-ssl.conf  Remove Comment
Include conf/extra/httpd-ssl.conf
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so  Remove Comment
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Using your text editor make a batch file in C:\Apache24 called makecert.bat. Edit the file adding the line:

bin\openssl req -x509 -sha256 -newkey rsa:2048 -keyout conf\server.key -out conf\server.crt -days 999 -nodes -subj "/CN=www.example.com" -addext "subjectAltName=DNS:www.example.com" -config example.cnf

Make another file called example.cnf and add the following. You can change the C, ST, L, O, OU values to anything you want- they aren’t important.

[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = STATE
L = ANYWHERE
O = MYCOMPANY
OU = IT
CN = www.example.com
[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = www.example.com
DNS.2 = example.com
DNS.3 = example.net

Go to a command prompt (Windows key+R type CMD) and move to the Apache directory cd\apache24\. Type makecert.bat and enter. You will get a message saying a new private key has been generated. Look in C:\Apache24\conf and you should see files called server.key and server.crt

Edit C:\xampp\apache\conf\extra\httpd-vhosts.conf and add this section to the end of the file. You would replace public_html with your addon-domain name if you were adding one (it would be folder example.com in this case)

<VirtualHost *:443>
	ServerName example.com
	ServerAlias example.com *.example.com
	DocumentRoot "c:/apache24/htdocs/public_html"	
	<Directory "c:/apache24/htdocs/public_html">
	</Directory>	
	ServerAdmin info@example.com
	ErrorLog "logs/example.com-error.log" 
	CustomLog "logs/example.com-access.log" common	
	SSLEngine on
	SSLCertificateFile "conf/server.crt"
	SSLCertificateKeyFile "conf/server.key"
</VirtualHost>

Start the Apache Server (run c:\Apache24\bin\httpd.exe) or stop and start it if you run as a service. Apache Monitor is handy for doing this too. In the browser, enter https://example.com. You will get a nasty certificate warning, but that’s ok because your certificate doesn’t have a valid authority. Click on advanced and choose to continue at the bottom of the window.