Enabling https to Xampp localhost

Question

I'm trying to enable https to localhost on my local device, I searched about it, but nothing worked.

I made sure that these are enabled:

In httpd.conf:

LoadModule ssl_module modules/mod_ssl.so

In php.ini:

extension=php_openssl.dll

I added this to httpd-vhosts.conf:

<VirtualHost _default_:443> 
    DocumentRoot "C:/xampp/htdocs" 
    ServerName localhost:443 
    ServerAlias localhost:443  
    SSLEngine on 
    SSLCertificateFile "/conf/ssl.crt/server.crt"
    SSLCertificateKeyFile "/conf/ssl.key/server.key"
</VirtualHost> 

Also I tried:

SSLCertificateFile "C:/xampp/apache/conf/ssl.crt/server.crt"
SSLCertificateKeyFile "C:/xampp/apache/conf/ssl.key/server.key"

But I get:

Your connection is not private
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID

Subject: localhost

Issuer: localhost

Expires on: Nov 9, 2019

Current date: Oct 27, 2018

PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIBnzCCAQgCCQC1x1LJh4G1AzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwls
b2NhbGhvc3QwHhcNMDkxMTEwMjM0ODQ3WhcNMTkxMTA4MjM0ODQ3WjAUMRIwEAYD
VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMEl0yfj
7K0Ng2pt51+adRAj4pCdoGOVjx1BmljVnGOMW3OGkHnMw9ajibh1vB6UfHxu463o
J1wLxgxq+Q8y/rPEehAjBCspKNSq+bMvZhD4p8HNYMRrKFfjZzv3ns1IItw46kgT
gDpAl1cMRzVGPXFimu5TnWMOZ3ooyaQ0/xntAgMBAAEwDQYJKoZIhvcNAQEFBQAD
gYEAavHzSWz5umhfb/MnBMa5DL2VNzS+9whmmpsDGEG+uR0kM1W2GQIdVHHJTyFd
aHXzgVJBQcWTwhp84nvHSiQTDBSaT6cQNQpvag/TaED/SEQpm0VqDFwpfFYuufBL
vVNbLkKxbK2XwUvu0RxoLdBMC/89HqrZ0ppiONuQ+X2MtxE=
-----END CERTIFICATE-----



This server could not prove that it is localhost;
its security certificate is not trusted by your computer's operating system.
This may be caused by a misconfiguration or an attacker intercepting your connection.

As well as changing the listen to 443 in httpd.conf

After editing the listen in httpd.conf to 443, I get errors running apache:

 Diese Eingabeforderung nicht waehrend des Running beenden
Bitte erst bei einem gewollten Shutdown schliessen
Please close this command only for Shutdown
Apache 2 is starting ...
(OS 10048)Only one usage of each socket address (protocol/network address/port)
is normally permitted.  : AH00072: make_sock: could not bind to address [::]:443

(OS 10048)Only one usage of each socket address (protocol/network address/port)
is normally permitted.  : AH00072: make_sock: could not bind to address 0.0.0.0:
443
AH00451: no listening sockets available, shutting down
AH00015: Unable to open logs

Apache konnte nicht gestartet werden
Apache could not be started
Press any key to continue . . .

What's wrong?

Answer 1

At first you don't have to edit the Listen statement in the file httpd.conf. You can and should leave it like that:

Listen 80

The rest of your configuration looks good and is working fine. The problem or the reason why you are getting the error message you desribed is because you are using a self-signed certificate. This self-signed certificate hasn't a valid authority (a company which validates your certificate).

For test-purpose on a local system this is absolute valid. But if you want to force your browser (I can see you're using Google Chrome from the message you posted) to trust the certificate you have to import your self-signed certificate to the list of trusted certificates. A good tutorial was posted by @kellen in this post on SO.