0

I have been trying to use my xampp in localhost with https.

1/ The first step (certificate creation) seems okay. I generated a crt & a key using openssl. Using *.frenchpie.com as common name.

2/ I then copied those two respectively in /etc/ssl.crt/ & /etc/ssl.key/ folders.

3/ I did the following in httpd-vhosts.conf using what I found on stackoverflow

<VirtualHost *:443>
    DocumentRoot C:/xampp/htdocs/frenchpie
    ServerName local.frenchpie.com
    SSLEngine on
    SSLCertificateFile "conf/ssl.crt/frenchpie.crt"
    SSLCertificateKeyFile "conf/ssl.key/frenchpie.key"
</VirtualHost>

4/ Of course I restarted xampp

Please note that I did not change anything else. The website main folder is "frenchpie" in htdocs. Also 127.0.0.1 is mapped to local.frenchpie.com

Using http://local.frenchpie.com/frenchpie works as usual (homepage). Using https://local.frenchpie.com/frenchpie gives me a certificate error (see picture).

Any help appreciated.

enter image description here

gotye
  • 958
  • 2
  • 14
  • 33
  • You created your ssl certificate - meaning the browser doesn't trust your secure web site and warns you. It is normal. Once you move to production and purchase SSL certificate for your domain from a trusted authority, you will not see that warning. – smozgur Jan 27 '16 at 12:39
  • But why would it use the one on the picture? That's not the one I created ... – gotye Jan 27 '16 at 12:49
  • 1
    I think it is httpd-ssl.conf settings. it is likely pointing to the default SSLCertificateKeyFile and SSLCertificateFile values. You might want to look at this post for setting up ssl on xampp. http://stackoverflow.com/questions/5801425/enabling-ssl-with-xampp – smozgur Jan 27 '16 at 13:17
  • I decided to change it directly into httpd-ssl.conf (crt and key file links) and got it to work. Now the proper certificate shows up. – gotye Jan 28 '16 at 09:13

1 Answers1

1

If you generate a certificate with OpenSSL, when you visit your page from anyone browser you will have a error message because you create your own certificate.

All browsers have some root certificates by default (Symantec, Comodo etc). When you visit a website with https, they check if your certificate is generate by anyone of their default root certificates. However you can add new root certificates to your browser.

If you want a public website you are going to need a trusty certificate, so you will need to buy one.

ganchito55
  • 3,559
  • 4
  • 25
  • 46
  • I managed to get it approved on Chrome by simply adding my custom certificate to the keyChain on mac and choosing "always trust" option. Now I got it green ;) – gotye Jan 28 '16 at 09:12