1

I am new to SSL, so please bear with me.

I created a web application on a WAMP 2.4.4 installation. Everything worked flawlessly until I tried to activate SSL and create a self-signed certificate. I had trouble finding instructions for installing a self-signed certificate on the current version of WAMP (2.4.4) so I had to make do with what I could find.

At first I was unable to generate a self signed certificate, but when I followed the instructions in this post, it worked: https://stackoverflow.com/a/17718557/801483

I followed the instructions in the links below to create a self signed certificate and as far as I can tell, it worked. However, Apache did not restart once I added everything to the .conf files.

  1. http://www.expertcore.org/viewtopic.php?t=1809
  2. http://forum.wampserver.com/read.php?2,116588,116636
  3. http://www.learnfromit.co/2013/02/steps-for-making-wamp-server-work-with.html

The WAMP server is set up as localhost in the default WAMP www directory (C:\wamp\www), however I have a separate URL for the subfolder the web application is installed in (C:\wamp\www\webapp_directory). I can't see how this would affect the ssl installation, but I figured I should mention it just in case.

I also noticed that the instructions say to find SSLMutex in the httpd-ssl.conf file, but this does not exist in the original httpd-ssl.conf file. I tried putting in the recommended lines "SSLMutex default" and "Mutex default ssl-cache" but neither one made a difference.

Below is my httpd-ssl.conf file after activating SSL with the self signed certificate. I replaced sensitive information with descriptive text inside of brackets [example].

I would appreciate any help with this!

Listen [server IP]:443
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLPassPhraseDialog  builtin
SSLSessionCache "shmcb:c:/wamp/bin/apache/Apache2.4.4/ssl/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300
<VirtualHost _default_:443>
    DocumentRoot "c:/wamp/www/[webapp directory]"
    ServerName localhost:443
    ServerAdmin admin@localhost
    ErrorLog "c:/wamp/bin/apache/Apache2.4.4/ssl/logs/ssl_error.log"
    TransferLog "c:/wamp/bin/apache/Apache2.4.4/ssl/logs/ssl_access.log"
    SSLEngine on
    SSLCertificateFile "c:/wamp/bin/apache/Apache2.4.4/ssl/[cert name].crt"
    SSLCertificateKeyFile "c:/wamp/bin/apache/Apache2.4.4/ssl/[key name].key"
    Mutex default ssl-cache
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "c:/wamp/www/[webapp directory]">
        SSLOptions +StdEnvVars
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>
    BrowserMatch "MSIE [2-5]" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0
    CustomLog "c:/wamp/logs/ssl_request.log" \
    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Community
  • 1
  • 1
trice
  • 35
  • 1
  • 8
  • Probably better asked on http://serverfault.com., – ficuscr Feb 11 '14 at 17:37
  • Did not restart how? Certs are generally password protected by default, and wamp could just be waiting for that password to be entered so it can decrypt the cert. – Marc B Feb 11 '14 at 18:22
  • There was nothing in the apache error log or ssl error log after restarting wamp. The WAMP icon stayed orange and I verified that the MySQL service was started. How would I enter that password for wamp? – trice Feb 11 '14 at 18:55
  • Generally I don't recommend putting passwords on SSL keys because it requires a privileged human be present to manually restart Apache from the command line and enter the password. – Sammitch Feb 11 '14 at 20:08
  • I verified that the SSL key does not have a password on it. – trice Feb 11 '14 at 20:55

1 Answers1

0

I resolved this issue shortly after I posted this question but forgot to update it here. As soon as I disabled SSLMutex, the self signed certificate worked flawlessly.

trice
  • 35
  • 1
  • 8