Tips and tricks on developing web sites

Setting up Apache for SSL/HTTPS

There are a lot of ways to do this, and it can be quite frustrating depending on what path you decide to take. This method works for me. Open C:\Apache24\conf\httpd.conf in your text editor. Change the following lines:

#LoadModule ssl_module modules/   Remove Comment
LoadModule ssl_module modules/
#Include conf/extra/httpd-ssl.conf  Remove Comment
Include conf/extra/httpd-ssl.conf
#LoadModule socache_shmcb_module modules/  Remove Comment
LoadModule socache_shmcb_module modules/

Using your text editor make a batch file in C:\Apache24 called makecert.bat. Edit the file adding the line:

bin\openssl req -x509 -sha256 -newkey rsa:2048 -keyout conf\server.key -out conf\server.crt -days 999 -nodes -subj "/" -addext "" -config example.cnf

Make another file called example.cnf and add the following. You can change the C, ST, L, O, OU values to anything you want- they aren’t important.

distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
C = US
CN =
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
DNS.1 =
DNS.2 =
DNS.3 =

Go to a command prompt (Windows key+R type CMD) and move to the Apache directory cd\apache24\. Type makecert.bat and enter. You will get a message saying a new private key has been generated. Look in C:\Apache24\conf and you should see files called server.key and server.crt

Edit C:\xampp\apache\conf\extra\httpd-vhosts.conf and add this section to the end of the file. You would replace public_html with your addon-domain name if you were adding one (it would be folder in this case)

<VirtualHost *:443>
	ServerAlias *
	DocumentRoot "c:/apache24/htdocs/public_html"	
	<Directory "c:/apache24/htdocs/public_html">
	ErrorLog "logs/" 
	CustomLog "logs/" common	
	SSLEngine on
	SSLCertificateFile "conf/server.crt"
	SSLCertificateKeyFile "conf/server.key"

Start the Apache Server (run c:\Apache24\bin\httpd.exe) or stop and start it if you run as a service. Apache Monitor is handy for doing this too. In the browser, enter You will get a nasty certificate warning, but that’s ok because your certificate doesn’t have a valid authority. Click on advanced and choose to continue at the bottom of the window.