Enable virtual hosts with self signed SSL on WAMP

Let’s say you have a website on you wamp server by name project. So there’s a directory project in your C:\wamp\www directory. Also visiting http://localhost/project on the browser takes us to your project website. Now we want to set up a virtual host with self signed SSL certificate so that we can visit our website on https://project.localhost.com. Below are the steps to achieve this.

Install OpenSSL

  • Install OpenSSL exe found at http://slproweb.com/products/Win32OpenSSL.html
    While installation the setup will ask you to select a directory for installation. Note the path.
    Let’s say you installed it in C:\ drive. So after installation you’ll have a directory like C:\OpenSSL-Win64.
  • Copy C:\wamp\bin\apache\apache2.4.9\conf\openssl.cnf to C:\Program Files\Common Files\SSL (Create SSL folder if it doesn’t exists)

Generate key and certificate

  • Open command prompt and cd to bin folder in above directory

    Type the below command

    It will ask you for a password and then later ask you verify it by reentering.
  • Then type below command

    In case you are having any other version than 2.4.9 of apache then change it in above command (Check the C:\wamp\bin\apache directory)
  • After above command you’ll be asked few questions. Just make sure you enter your domain name (eg abc.localhost.com) when asked for Common Name (e.g. server FQDN or YOUR name).
  • After entering details run the below command

    Since WAMP doesn’t support passphrase for key we’ll remove it
  • Now three files server.crt, server.key and servernopass.key should have been generated in bin folder. Copy the server.crt and servernopass.key.
    Create a new folder ‘ssl-certs’ in C:\wamp and paste the server.crt and servernopass.key files in this directory.

Update conf files to create new virtual host and include certificates

  • Open C:\wamp\bin\apache\apache2.4.9\conf\httpd.conf file in a text editor
    Remove the comment ‘#’ from the line

    So it should now look like

    Similary remove ‘#’ from below lines in same file

    Move the last line Include conf/extra/httpd_ssl.conf after the below line

  • Open C:\wamp\bin\apache\apache2.4.9\bin\php.ini in a text editor
    Make sure the following line is uncommented by removing the semicolon (;) from the beginning.

  • Now take a backup of C:\wamp\bin\apache\apache2.4.9\conf\extra\httpd_ssl.conf file. You can simply copy and paste it with a different name (httpd_ssl_original.conf) in the same folder. Now open the httpd_ssl.conf file, delete all the code inside it (we are assuming this is the first time you are setting up a SSL on your WAMP server) and paste the below code.
  • Similarly after taking a backup of C:\wamp\bin\apache\apache2.4.9\conf\extra\httpd-vhosts.conf file replace the code inside it with below one.

That’s it. Now in your browser visit https://project.localhost.com. You’ll get a security warning which is because we are usign the self signed certificate. If you are using Chrome browser then click on the advanced link at the bottom and then Proceed unsafe. You’ll now see the website over https.

Join the discussion

  1. Avatar
    Chadwick Choate says:

    Excellent tutorial and your instructions are on point. I am a self-taught cgi engineer and webmaster who specialized in Perl early on, in 1997. As such, my field of knowledge must include a vast array of disciplines. I work on all major platforms and recently took up WAMP on Windows 10 to test my work (love it). When writing applications for the Web I do a great deal of work with MOD_REWRITE to enable advanced security features and to protect the paths visible in the browser. Since OpenSSL began to appear, I began to force redirect all http traffic to the https port. Before I started to install OpenSSL on the WAMP server, I researched a number of instructions and none worked. That is until I found your excellent tutorial. I have a near photographic memory and need only read material once. After I read your tutorial, I was able to configure WAMP within 5 minutes and it worked on the first run. You are great “OH MIGHTY ONE” and I very much appreciate your sharing your knowledge and experience with the world. It is people like you who brought me to where I am today. Thank you.

    Excellent tutorial and your instructions are on point. I am a self-taught cgi engineer and webmaster who specialized in Perl early on, in 1997. As such, my field of knowledge must include a vast array of disciplines. I work on all major platforms and recently took up WAMP on Windows 10 to test my work (love it). When writing applications for the Web I do a great deal of work with MOD_REWRITE to enable advanced security features and to protect the paths visible in the browser. Since OpenSSL began to appear, I began to force redirect all http traffic to the https port. Before I started to install OpenSSL on the WAMP server, I researched a number of instructions and none worked. That is until I found your excellent tutorial. I have a near photographic memory and need only read material once. After I read your tutorial, I was able to configure WAMP within 5 minutes and it worked on the first run. You are great “OH MIGHTY ONE” and I very much appreciate your sharing your knowledge and experience with the world. It is people like you who brought me to where I am today. Thank you.
    In answer to Robert’s post: simply create your virtual host from the homepage in WAMP. Be sure to verify each virtual host you create is present in the Windows host file (C:/WINDOWS/system32/drivers/etc/hosts). Once this has been achieved, simply open httpd-ssl.conf and add the virtual host you wish to use with the certificate you created. You can add as many virtual hosts as you please. I also advise you add the following lines to your .htaccess file in the root of each domain you add:

    Options +FollowSymlinks
    RewriteEngine on
    # Force HTTPS
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    # Remove www from URL
    RewriteCond %{HTTP_REFERER} !^https://www.YOURDOMAIN.com [NC]
    RewriteCond %{HTTP_REFERER} !^https://YOURDOMAIN.com [NC]

  2. Avatar
    peter says:

    hi.

    i’ve i little problem: i need to have into my wamp local installation two virtual hosts (one for siteA, and another for siteB).

    Basically i wish to have at the end something like https://siteA and https://siteB

    so, do I have to repeat all the procedure for each site?
    or there are other passages i have to do?

    thanks in advance for your reply!

    peter

  3. Avatar

    This did not work. I got

    “This site can’t be reached”

    THE FIX: You must add it to your “hosts” file….

    C:\Windows\System32\drivers\etc

    edit the “hosts” file (the one with no extension) to include:

    127.0.0.1 project.localhost.com
    ::1 project.localhost.com

    THEN IT WILL WORK!

    TIP: To edit the hosts file, click the windows start button, type “notepad” and then when you see the icon right-click and choose “Run as administrator” then from notepad navigate to C:\Windows\System32\drivers\etc and change “Text documents (*.txt)” to “All Files (*.*)” and then you can click on “hosts”

  4. Avatar
    CHIL says:

    Include conf/extra/httpd-ssl.conf, NOT Include conf/extra/httpd_ssl.conf

    Not working in my case, Apache is not starting + no error logs

  5. Avatar
    Chris says:

    Worked like a charm, thank you for this guide!

    There was one slight issue:
    Instead of Include conf/extra/httpd_ssl.conf
    its Include conf/extra/httpd-ssl.conf

  6. Avatar
    Tze Lei says:

    Hi, Robert! I just succeeded in adding a vhost w/ ssl support.

    You basically repeat the process that worked for your localhost private-key, certificate-signing-request, and certificate, EXCEPT the files you create will have filenames that reflect your vhost (instead of localhost).

    So, for each vhost that needs ssl, you’ll end up with separate .key, .csr, and .crt files unique to that particular vhost.

    Then, you just add a block for the vhost into your httpd-ssl.conf. (I’m assuming you already have the unsecure block already created in your httpd-vhosts.conf.)

    Hope this helps! 🙂

  7. Avatar
    Robert says:

    Thank you for the detailed description. I have been searching for a few days to find out if it is possible to generate one OpenSSL certificate to be used by WAMP that will cover all virtual hosts regardless of the virtual host names. I cannot find any statement saying such cannot be accomplished, but, I can’t find where it specifically says it can be done, and then how to do it.

Leave a Reply

Your email address will not be published. Required fields are marked *