0

the WAMP server 3.0.8 is installed in C:\wamp64 on Windows 10.

All services are running and the icon is green.

No certificate or other errors appear in C:\wamp64\bin\apache\apache2.4.23\logs\error.log.

ssl_request.log shows "127.0.0.1 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384" for GET and POST request.

Still Google Chrome is showing the site as Not Secure, https in red and crossed out.

Any help to fix this appreciated.

Udo VV
  • 63
  • 1
  • 6
  • What do you see in the Developers Tools Security panel? F12 > Security? – Anand Bhat Jul 31 '17 at 11:53
  • Chrome Security Panel Subject Alternative Name Missing The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address. Issued by: Untrusted Bitdefender CA Certificate Error There are issues with the site's certificate chain (net::ERR_CERT_AUTHORITY_INVALID). Issued by: Untrusted Bitdefender CA Secure Resources All resources on this page are served securely. Obsolete Connection Settings The connection to this site uses a strong protocol (TLS 1.2), an obsolete key exchange (RSA), and a strong cipher (AES_128_GCM). – Udo VV Jul 31 '17 at 14:04
  • I am not sure how Bitdefender comes into the certificate. I used OpenSSL to create my own certificate / key. – Udo VV Jul 31 '17 at 14:05
  • 1
    See [here for how to](https://stackoverflow.com/questions/26236351/installation-ssl-in-wamp-server-error-in-httpd-ssl-conf/26252312#26252312) – RiggsFolly Jul 31 '17 at 16:12

1 Answers1

0

Thanks for all your replies. They helped a lot to configure Apache and OpenSSL to get SSL on WAMP.

As for the certificate I gave up on OpenSSL for now. I used a subdomain on one of my managed servers, had Let'sEncrypt generate a certificate for it, made the subdomain local on my development machine and copied the Let'sEncrypt certificate.

Now even with Bitdefender fully active this address functions as fully secure (green https in Chrome) within the local development environment.

Udo VV
  • 63
  • 1
  • 6