Installing SSL using OpenSSL on a WAMP localhost

Cryptographically secure pseudorandom number g...

Image via Wikipedia

I’m working on a project that is requiring me to use SSL (to make a https connection) on my local installation of WAMP.  After much searching and a couple tries, it appears that I finally got it working.  This post should be useful to anyone who is trying to do the same.

Before starting with all the key stuff, I installed the OpenSSL binaries for Windows into the System directory.

The following is ripped from a comment buried on  Your paths may be slightly different.. so change them appropriately.



Again in the command prompt, go to C:\wamp\Apache2\bin and run the following command:

openssl req -new > webserver.csr

The command runs and prompts you to enter a PEM pass phrase and verify it. Since we are doing this locally, just put in some sort of “password”, but write it down, because you will need it in the next step.

It will then ask you to enter information that will be incorporated into your certificate request. When the command finishes, it has created several files, including privkey.pem, in c:\wamp\apache2\bin.



Run the following command:

openssl rsa -in privkey.pem -out webserver.key

You will be prompted for the pass phrase from the previous step. The RSA key is written and the file webserver.key is now available in the folder.



Run the following command to create a certificate which expires after one year:

openssl x509 -in webserver.csr -out webserver.cert -req -signkey webserver.key -days 365



Create a folder c:\wamp\OpenSSL with the following subfolders:


Copy the following files to /certs/:


Copy the following files to /private/:

cacert.pem (same as above, just a wild guess) [<em>i skipped this part ^Joel</em>]



Change the following lines, adjusting the email address and the paths to your settings:

SSLSessionCache "shmcb:C:/wamp/Apache2/logs/ssl_scache(512000)"
SSLMutex default
# General setup for the virtual host
DocumentRoot "C:/www/mysecuresite"
ServerName localhost:443
ErrorLog "C:/wamp/logs/mysecuresite_error_log"
TransferLog "C:/wamp/logs/mysecuresite_access_log"
SSLCertificateFile "C:/wamp/OpenSSL/certs/webserver.cert"
SSLCertificateKeyFile "C:/wamp/OpenSSL/certs/webserver.key"
SSLCARevocationPath "C:/wamp/OpenSSL/crl"
CustomLog "C:/wamp/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"



There is a file openssl.cnf in c:\wamp\Apache2\conf even though no extension is shown in Windows Explorer. Go to the DOS command prompt and run DIR to see the file extension. Make a backup copy of this file first and rename it in DOS to openssl.cnf.txt so that you can edit it.

Modify the base directory:

dir	 = c:/wamp/OpenSSL	# Where everything is kept

Go to the DOS prompt and change the name of the file back to openssl.cnf.



Last, but not least, make sure your secure site is part of the virtual hosts in Apache:

# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
Include conf/extra/httpd-ssl.conf


Ensure SSL is Enabled
Make sure that Apache is setup to even use SSL.
Do this by clicking the WAMP icon in your tray,
hovering to: Apache > Apache Modules,
scroll through the list and make sure that ssl_module has a check next to it.
If not, then click it.



Run httpd –t and make sure the syntax is OK.

Restart Apache.

Check that port 443 is open by running the following in the command prompt:

netstat -an | more

Test the https connection from your browser and hopefully it works 🙂

Be Sociable, Share!
This entry was posted in Software and tagged , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


This site uses Akismet to reduce spam. Learn how your comment data is processed.