Setting up SSL on a local xampp/apache server

Question

I'm trying to access a Active Directory from my local webserver. To do this I'm using the latest version of xampp and a PHP script called adLDAP. If I understand things right, I need to enable SSL to access https URLs. I've tried to google it but with no luck :( Could anyone link a tutorial or explain to me how to install SSL on xampp/apache for windows 7 64bit? Any help would be appreciated :)

When I navigate to \adLDAP\examples\authenticate.php this file redirects me to a https:// url. Firefox displays Access forbidden! Error 403 because I don't have SSL enabled. — horgen, Apr 15 '10 at 08:01

VolkerK · Accepted Answer · 2010-04-15T08:32:38.997

28

Apache part - enabling you to open https://localhost/xyz

There is the config file xampp/apache/conf/extra/httpd-ssl.conf which contains all the ssl specific configuration. It's fairly well documented, so have a read of the comments and take look at http://httpd.apache.org/docs/2.2/ssl/. The files starts with <IfModule ssl_module>, so it only has an effect if the apache has been started with its mod_ssl module.

Open the file xampp/apache/conf/httpd.conf in an editor and search for the line

#LoadModule ssl_module modules/mod_ssl.so

remove the hashmark, save the file and re-start the apache. The webserver should now start with xampp's basic/default ssl confguration; good enough for testing but you might want to read up a bit more about mod_ssl in the apache documentation.

PHP part - enabling adldap to use ldap over ssl

adldap needs php's openssl extension to use "ldap over ssl" connections. The openssl extension ships as a dll with xampp. You must "tell" php to load this dll, e.g. by having an extension=nameofmodule.dll in your php.ini
Run

echo 'ini: ', get_cfg_var('cfg_file_path');

It should show you which ini file your php installation uses (may differ between the php-apache-module and the php-cli version).
Open this file in an editor and search for

;extension=php_openssl.dll

remove the semicolon, save the file and re-start the apache.

see also: http://docs.php.net/install.windows.extensions

edited Apr 15 '10 at 08:32

answered Apr 15 '10 at 08:01

VolkerK

95,432
20
163
226

1

the echo line gives this answer: C:\xampp\php\php.ini but there is no ;extension=php_openssl.dll in this file. I checked the \php\ext folder aswell and there is no php_openssl.dll :\ – horgen Apr 15 '10 at 08:12
Which version of xampp do you use? – VolkerK Apr 15 '10 at 08:18
Not sure if this info is helpfull, but: phpinfo() [openssl] OpenSSL support: enabled - OpenSSL Library Version: OpenSSL 0.9.8l 5 Nov 2009 - OpenSSL Header Version: OpenSSL 0.9.8l 5 Nov 2009 [Phar] ... Native OpenSSL support: enabled [PHP Variables] ... _SERVER["OPENSSL_CONF"] C:/xampp/apache/bin/openssl.cnf -- wow, this comment was messy :S wtb linebreak – horgen Apr 15 '10 at 08:23
I'm using XAMPP version 1.7.3 – horgen Apr 15 '10 at 08:28
1

ok, then php_openssl is already enabled. Take a look at the first part of the revised answer. – VolkerK Apr 15 '10 at 08:28
Thanks alot for your help so far. I will get back to you when I've done some testing :) – horgen Apr 15 '10 at 08:40
stupid question: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt <- where do i type this command? tried cmd and openssl.exe :S – horgen Apr 15 '10 at 09:50
1

There's a openssl.exe in xampp/apache/bin. And there's most likely a question (or two) related to how to create certificates under win32 either here on stackoverflow or on http://serverfault.com – VolkerK Apr 15 '10 at 11:14
o m g. Looks like https worked when i reinstalled xampp and used the default htdocs folder. :P – horgen Apr 16 '10 at 06:45
2

@VolkerK, thanks, this post helped a lot. For future searchers, the `extension=php_openssl.dll` line is actually missing from `php.ini` on XMAPP 1.7.4...but that is an easy fix. – Courtney Christensen Aug 17 '11 at 05:29

score 6 · Answer 2 · answered Aug 19 '12 at 06:23

6

It turns out that OpenSSL is compiled and enabled in php 5.3 of XAMPP 1.7.2 and so no longer requires a separate extension dll.

However, you STILL need to enable it in your PHP.ini file the line extension=php_openssl.dll

answered Aug 19 '12 at 06:23

Flak DiNenno

2,193
4
30
57

score 4 · Answer 3 · answered Jun 12 '13 at 22:20

I did most of the suggested stuff here, still didnt work. Tried this and it worked: Open your XAMPP Control Panel, locate the Config button for the Apache module. Click on the Config button and Select PHP (php.ini). Open with any text editor and remove the semi-column before php_openssl. Save and Restart Apache. That should do!

score 2 · Answer 4 · answered May 04 '16 at 19:08

You can enable SSL on XAMPP by creating self signed certificates and then installing those certificates. Type the below commands to generate and move the certificates to ssl folders.

openssl genrsa -des3 -out server.key 1024

openssl req -new -key server.key -out server.csr

cp server.key server.key.org

openssl rsa -in server.key.org -out server.key

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

cp server.crt /opt/lampp/etc/ssl.crt/domainname.crt

cp server.key /opt/lampp/etc/ssl.key/domainname.key

(Use sudo with each command if you are not the super user)

Now, Check that mod_ssl is enabled in [XAMPP_HOME]/etc/httpd.conf:

LoadModule ssl_module modules/mod_ssl.so

Add a virtual host, in this example "localhost.domainname.com" by editing [XAMPP_HOME]/etc/extra/httpd-ssl.conf as follows:

<virtualhost 127.0.1.4:443>
    ServerName localhost.domainname.com
    ServerAlias localhost.domainname.com *.localhost.domainname.com
    ServerAdmin admin@localhost

    DocumentRoot "/opt/lampp/htdocs/"

    DirectoryIndex index.php

    ErrorLog /opt/lampp/logs/domainname.local.error.log
    CustomLog /opt/lampp/logs/domainname.local.access.log combined

    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /opt/lampp/etc/ssl.crt/domainname.crt
    SSLCertificateKeyFile /opt/lampp/etc/ssl.key/domainname.key

    <directory /opt/lampp/htdocs/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Order allow,deny
            Allow from all
    </directory>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</virtualhost>

Add the following entry to /etc/hosts:

127.0.1.4 localhost.domainname.com

Now, try installing the certificate/ try importing certificate to browser. I have checked this and this worked on Ubuntu.

score 1 · Answer 5 · answered Apr 22 '17 at 21:44

I have been through all the answers and tutorials over the internet but here are the basic steps to enable SSL (https) on localhost with XAMPP:

Required:

Run -> "C:\xampp\apache\makecert.bat" (double-click on windows) Fill passowords of your choice, hit Enter for everything BUT define "localhost"!!! Be careful when asked here:

Common Name (e.g. server FQDN or YOUR name) []:localhost

(Certificates are issued per domain name zone only!)
Restart apache
Chrome -> Settings -> Search "Certificate" -> Manage Certificates -> Trusted Root Certification Authorities -> Import -> "C:\xampp\apache\conf\ssl.crt\server.crt" -> Must Ask "YES" for confirmation!
https://localhost/testssl.php -> [OK, Now Green!] (any html test file)

Optional: (if above doesn't work, do more of these steps)

Run XAMPP As admin (Start -> XAMPP -> right-click -> Run As Administrator)
XAMPP -> Apache -> Config -> httpd.conf ("C:\xampp\apache\conf\httpd.conf")

LoadModule ssl_module modules/mod_ssl.so (remove # form the start of line)
XAMPP -> Apache -> Config -> php.ini ("C:\xampp\php\php.ini")

extension=php_openssl.dll (remove ; from the start of line)
Restart apache and chrome!

Check any problems or the status of your certificate:

Chrome -> F12 -> Security -> View Certificate

score 0 · Answer 6 · answered May 12 '12 at 20:02

0

I did all of the suggested stuff here and my code still did not work because I was using curl

If you are using curl in the php file, curl seems to reject all ssl traffic by default. A quick-fix that worked for me was to add:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

before calling:

 curl_exec():

in the php file.

I believe that this disables all verification of SSL certificates.

answered May 12 '12 at 20:02

Chris Dutrow

48,402
65
188
258

4

... and by disabling the verification of the certificates, you leave the door open to potential MITM attacks, which SSL/TLS otherwise aims to protect against. DON'T DO THIS! – Bruno May 14 '12 at 00:49
1

Yup. I should have drawn more attention to this in the answer. Only do this if you aren't working on anything important. I use it on localhost to access websites that I personally programmed. – Chris Dutrow May 16 '12 at 21:10

score 0 · Answer 7 · answered Jun 21 '23 at 07:35

To enable this setting in Chrome:

chrome://flags/#allow-insecure-localhost

Just put this into URL input and enable it. Restart browser. SSL server.crt must be imported in browser in "Trusted Root Certification Authorities".

https started working as expected.

Setting up SSL on a local xampp/apache server

7 Answers7

Required:

Optional: (if above doesn't work, do more of these steps)

Linked