I am setting up my personal domain and I have this config:
ServerAdmin contact#brentc.in
Listen 80
<VirtualHost *:80>
DocumentRoot "/www/brentc.in"
ServerName brentc.in
ServerAlias www.brentc.in
</VirtualHost>
Listen 443 https
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/opt/rh/httpd24/root/var/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost *:443>
ServerName brentc.in
ServerAlias www.brentc.in
DocumentRoot /www/brentc.in/
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/brentc.in/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/brentc.in/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/brentc.in/fullchain.pem
</VirtualHost>
<VirtualHost *:443>
ServerName atlassian.brentc.in
ServerAlias www.atlassian.brentc.in
DocumentRoot /www/atlassian.brentc.in/
Options Indexes FollowSymLinks Includes ExecCGI
SSLProtocol all -SSLv2
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /jira/secure/admin/IntegrityChecker.jspa http://localhost:8081/jira/secure/admin/IntegrityChecker.jspa timeout=3600
ProxyPassReverse /jira/secure/admin/IntegrityChecker.jspa http://localhost:8081/jira/secure/admin/IntegrityChecker.jspa
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/brentc.in/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/brentc.in/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/brentc.in/fullchain.pem
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /jira>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept"
ProxyPass http://localhost:8081/jira retry=0
ProxyPassReverse http://localhost:8081/jira
SetOutputFilter DEFLATE
</Location>
</VirtualHost>
For the first domain (brentc.in) I can access index.html just fine.
For the second domain (atlassian.brentc.in) it shows the apache sample (test 123) page and when I explicitly go to index.html it says I'm not allowed to access the file.
My file permissions are exactly the same as the working index.html. Am I missing something here?
The atlassian.brentc.in is also a proxy to a behind the scenes tomcat server. My intention is, when you go to atlassian.brentc.in it shows you a landing page. Then from there you can go to atlassian.brentc.in/jira.
The error_log contains this:
[Wed Jun 14 10:43:47.714099 2017] [authz_core:error] [pid 4399] [client <ip>:58299] AH01630: client denied by server configuration: /www/atlassian.brentc.in/index.html
[Wed Jun 14 10:43:47.952670 2017] [authz_core:error] [pid 4399] [client <ip>:58299] AH01630: client denied by server configuration: /www/atlassian.brentc.in/favicon.ico, referer: https://atlassian.brentc.in/index.html
i think you need to add something like this
<Directory "your/sample/directory">
# AllowOverride All # Deprecated
# Order Allow,Deny # Deprecated
# Allow from all # Deprecated
# --New way of doing it this is the important part
Require all granted
</Directory>
Related
I'm trying to configure apache2 for a specific use case. An old web server only runs in HTTP on port 8788. I want to put it behind an apache reverse-proxy (Debian) which will ensure the encryption of exchanges with the client and will make requests to the web server in HTTP/port 8788.
The reverse proxy already works for other web servers and i changed the DNS for oldserver.example.com to point to the reverse-proxy IP address.
Connections to http://oldserver.example.com and https://oldserver.example.com work correctly and display the old server's web page.
But when I try to access http://oldserver.example.com:8788 (I have to keep this access via port 8788 because the link has been posted like this for years) the browser redirects to https://oldserver.example.com:8788 and shows this error:
Secure Connection Failed
In the configuration files and logs below, I replaced the reverse proxy IP address with X.X.X.X; the IP address of the oldserver by Y.Y.Y.Y and the IP addresses of the clients by Z.Z.Z.Z.
When I try with wget, everything seems OK:
wget -v http://oldserver.example.com:8788
--2022-09-14 14:36:15-- http://oldserver.example.com:8788/
Resolving oldserver.example.com (oldserver.example.com)... X.X.X.X
Connecting to oldserver.example.com (oldserver.example.com)|X.X.X.X|:8788... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://oldserver.example.com/ [following]
--2022-09-14 14:36:15-- https://oldserver.example.com/
Connecting to oldserver.example.com (oldserver.example.com)|X.X.X.X|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11628 (11K) [text/html]
Saving to: 'index.html'
index.html.3 100%[=================================================================================================================>] 11.36K --.-KB/s in 0s
2022-09-14 14:36:15 (42.0 MB/s) - 'index.html' saved [11628/11628]
Configuration files
/etc/apache2/sites-available/oldserver.conf :
<VirtualHost *:80 *:8788>
ServerName oldserver.example.com
include /etc/apache2/xyz/general.conf
include /etc/apache2/xyz/redirect-ssl.conf
ErrorLog ${APACHE_LOG_DIR}/error_oldserver.log
CustomLog ${APACHE_LOG_DIR}/access_oldserver.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName oldserver.example.com
ErrorLog ${APACHE_LOG_DIR}/error_oldserver.log
CustomLog ${APACHE_LOG_DIR}/access_oldserver.log combined
include /etc/apache2/xyz/general.conf
include /etc/apache2/xyz/ssl.conf
include /etc/apache2/xyz/revproxy.conf
ProxyPass / http://Y.Y.Y.Y:8788/
ProxyPassreverse / http://Y.Y.Y.Y:8788/
</Virtualhost>
</IfModule>
/etc/apache2/xyz/general.conf :
ServerAdmin system#example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Protocols h2 http/1.1
DocumentRoot /var/www/html
ErrorDocument 500 https://reverseproxy.example.com/
ErrorDocument 503 https://reverseproxy.example.com/
/etc/apache2/xyz/redirect-ssl.conf :
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
/etc/apache2/xyz/revproxy.conf :
ProxyPreserveHost On
ProxyRequests Off
SSLProxyEngine on
/etc/apache2/xyz/ssl.conf:
#####▒| SSL #####
SSLEngine on
Header always set Strict-Transport-Security "max-age=15768000"
SSLCertificateFile /etc/ssl/wildcard.example.com.crt
SSLCertificateKeyFile /etc/ssl/wildcard.example.com.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
Logs
Strangely, on the reverse proxy, I have nothing in the /var/log/apache2/error_oldserver.log file but I find traces of the connections in the /var/log/apache2/error.log file:
error.log:[Wed Sep 14 14:43:53.497291 2022] [proxy_http:error] [pid 36806:tid 139808714381056] (20014)Internal error (specific information not available): [client Z.Z.Z.Z:51225] AH01102: error reading status line from remote server Y.Y.Y.Y:8788, referer: https://oldserver.example.com/
I don't have access to the logs of the oldserver.
Thank you in advance for your help.
Add new block with port *:8788 in the same virtual host and add LISTEN 8788 in the same block in virtual host file. And port should be opened from Security Group.
<VirtualHost *:443>
ServerName oldserver.example.com
DocumentRoot /var/www/oldserver.example.com/public
<Directory /var/www/oldserver.example.com>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/www/oldserver.example.com/error.log
CustomLog /var/www/oldserver.example.com/access.log combined
SSLEngine on
SSLCertificateKeyFile /SSL Certificate path/xxx.pem
SSLCertificateFile /SSL Certificate path/xxx.pem
SSLCertificateChainFile /SSL Certificate path/xxx.pem
</VirtualHost>
LISTEN 8788
<VirtualHost *:8788>
ServerName oldserver.example.com
DocumentRoot /var/www/oldserver.example.com/public
<Directory /var/www/oldserver.example.com>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateKeyFile /SSL Certificate path/xxx.pem
SSLCertificateFile /SSL Certificate path/xxx.pem
SSLCertificateChainFile /SSL Certificate path/xxx.pem
</VirtualHost>
I use reverse proxy to show backend server content for a subdomain.
The subdomain.mydomain.com (server A) should display content of server with IP 123.123.123.123 port 1111 (server B).
Virtual host of subdomain.mydomain.com (server A):
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName subdomain.mydomain.com
SSLEngine on
SecAuditEngine On
RewriteEngine On
SSLProxyEngine on
ProxyPreserveHost On
LogLevel warn
<Directory />
Options -Indexes +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Location />
ProxyPass https://123.123.123.123:1111
ProxyPassReverse https://123.123.123.123:1111
</Location>
ErrorLog /var/log/apache2/error.log
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLVerifyClient none
SSLVerifyDepth 1
SSLCertificateFile /etc/apache2/cert.site/chain_wildcard_site_combined.crt
SSLCertificateKeyFile /etc/apache2/cert.site/key_wildcard_site.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
</IfModule>
Virtual host of 123.123.123.123:1111 (server B):
<IfModule mod_ssl.c>
<VirtualHost 123.123.123.123:1111>
DocumentRoot /srv/www/site/htdocs
SSLEngine on
RewriteEngine On
SSLProxyEngine on
ProxyPreserveHost On
LogLevel warn
<Location "/">
Require ip 222.222.222.222
</Location>
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /srv/www/site/htdocs>
Options -Indexes +FollowSymLinks +MultiViews
DirectoryIndex index.php
AllowOverride None
Require all granted
</Directory>
ErrorLog /srv/www/site/log/error.log
CustomLog /srv/www/site/log/access.log combined
CustomLog /srv/www/site/log/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLVerifyClient none
SSLVerifyDepth 1
SSLCertificateFile /etc/apache2/cert.site/chain_wildcard_site_combined.crt
SSLCertificateKeyFile /etc/apache2/cert.site/key_wildcard_site.key
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
If I load URL:
https://subdomain.mydomain.com/dir/
it loads successfully.
If I load URL (without trailing slash):
https://subdomain.mydomain.com/dir
it results error page: ERR_CONNECTION_REFUSED.
EDIT1:
I execute command:
curl -IL https://subdomain.mydomain.com/dir
and I get this result:
HTTP/1.1 301 Moved Permanently
Date: Mon, 23 Aug 2021 13:45:13 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains
Strict-Transport-Security: max-age=15768000; includeSubDomains
Location: https://subdomain.mydomain.com:1111/dir/
Content-Type: text/html; charset=iso-8859-1
curl: (7) Failed to connect to subdomain.mydomain.com port 1111: Connection refused
EDIT2:
I added trailing slash
<Location />
ProxyPass https://123.123.123.123:1111/
ProxyPassReverse https://123.123.123.123:1111/
</Location>
But I still get the Connection refused error.
Any idea why is it resulting error, when trailing slash is missing?
Thanks!
Since you used ProxyPreserveHost ON, your ProxyPassReverse should be ProxyPassReverse https://subdomain.mydomain.com:1111/ because this is the Location: header your backend is producing that you need the frontend to fixup.
The backend unfortunately sees no port in the Host: header and picks the port of the local connection. It is a problem that only happens when the default port is used on the frontend + ProxyPreserveHost. ServerName with an explicit port :443 might help on the backend.
You cannot use port 1111 for SSL - it MUST be 443 (modern certificates and CORS do not work or accept different ports)
I have an issue with SSLRequire file expression in Apache 2.4 in that it doesn't seem to be finding or be able to access the file in question.
Here's the code excerpt:
<Location />
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire (%{SSL_CLIENT_CERT} eq file("<full_path_to_PEM_file>"))
</Location>
And when I try to access the site, I get this error in logs:
[Tue Jun 27 13:20:02.358478 2017] [ssl:error] [pid 18661:tid 47040594310912] [client 82.69.3.205:58275] Evaluation of expression from 20-mod_ssl.conf:240 failed: Cannot open file <full_path_to_PEM_file>, referer: https://example.com/
The permissions are correct and the file definitely exists, so I am not sure what else to do here.
The PEM file is a valid public certificate with "BEGIN CERTIFICATE" and "END CERTIFICATE" lines at start and end...
Any ideas?
Your VHost should look like:
<VirtualHost *:443>
ServerAdmin webmaster#example.com
DocumentRoot /var/www/html/example
ServerName example.com
SSLEngine on
SSLCertificateFile /etc/ssl/CA/example_com.crt
SSLCertificateKeyFile /etc/ssl/CA/example.key
# https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1203&nav=0,96,1,95
SSLCertificateChainFile /etc/ssl/CA/chain_example_with_Positive.pem
SSLHonorCipherOrder On
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite RC4-SHA:HIGH:!MD5:!aNULL:!EDH:!ADH
SSLInsecureRenegotiation off
<Directory /example/>
Options Indexes SymLinksIfOwnerMatch
AllowOverride All
Require all granted
</Directory>
<Directory /var/www/html/example/>
Options Indexes SymLinksIfOwnerMatch
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
I have xampp installed on my vps. My website works perfect now. But I need to run my website with ssl.
I've read many tutorials about it and most of them was the same. Anyway, I did what they told. And anything doesn't work for me.
I've created certificates with ssh not with a CA authority. It's just for test.
I've edited php.ini file to enable ssl extension.
I've edited httpd-ssl.conf and httpd-vhosts.conf files.
Here is my httpd-vhosts.conf file:
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerAdmin info#example.com
DocumentRoot "C:/xampp/htdocs/"
ServerName example.com
ServerAlias www.example.com:8080
ErrorLog "logs/example.com-error.log"
CustomLog "logs/example.com-access.log" common
</VirtualHost>
<VirtualHost *:443>
DocumentRoot C:\xampp\htdocs\
ServerName example.com
<Directory C:\xampp\htdocs\n>
AllowOverride All
Allow from All
</Directory>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
<FilesMatch "\.(cgi|shtml|pl|asp|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:/xampp/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
When I type https://example.com or example.com:443 website doesn't open.
Any solution?
Update:
Here is the log in apache error logs file:
[Fri Sep 23 19:09:11.355966 2016] [ssl:warn] [pid 2616:tid 284]
AH01909: example.com:443:0 server certificate does NOT include an ID
which matches the server name
Problem solved.
Firewall was blocking port 443. Now it's open and there is no problem.
I am writing a php app on my local machine and would like to test to see if SSL is working. Bear with me because this is the first time I've ever used SSL.
So far this is what I've done:
Created a SSL Certificate. I followed the first part of this this tutorial to create the certificate.
I imported the server.crt file into chrome.
Removed the semicolon in front of ;extension=php_openssl.dll in php.ini (reference)
Edited my httpd-vhosts.conf file based on this page. The relevant section of that file is below. This is the full file: http://pastebin.com/k6Jh2eR6
<VirtualHost *>
DocumentRoot "C:\Users\user_name\Documents\project_one"
ServerName project_one.localhost
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
<Directory "C:\Users\user_name\Documents\project_one">
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
I would usually access my project by typing in http://project_one.localhost
When trying to access my project by typing https://project_one.localhost into chrome I automatically get forwarded to https://project_one.localhost/xampp/ (as if XAMPP doesn't recognize https://project_one.localhost as a subdomain at all and treats it as if I'm typing in https://localhost) Any idea where I'm screwing up?
NOTE:
LoadModule ssl_module modules/mod_ssl.so was uncommented in httpd.conf file
SSL, of the HTTPS://url.here/ variety, is entirely handled by Apache and has nothing to do with PHP, or any of PHP's extensions/modules, or any php.ini settings.
A typical SSL Enabled VirtualHost looks like this and contains at least these parts...
<VirtualHost *:443>
DocumentRoot "C:/WampDeveloper/Websites/www.example.com/webroot"
ServerName www.example.com
ServerAlias example.com
SSLEngine On
SSLCertificateFile "C:/WampDeveloper/Websites/www.example.com/certs/public.crt"
SSLCertificateKeyFile "C:/WampDeveloper/Websites/www.example.com/certs/private.key"
<Directory "C:/WampDeveloper/Websites/www.example.com/webroot">
Options All
AllowOverride All
order allow,deny
allow from all
</Directory>
</VirtualHost>
(The paths above are from my WampDeveloper Pro set up, Xampp's will be slightly different)
Your <VirtualHost *> line is faulty. It needs a port number, which is always 443 for an HTTPS:// URL, in combination with either an IP address or a star before it. And if using a star, also a NameVirtualHost *:443 line...
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
DocumentRoot "C:\xampp\htdocs"
ServerName localhost
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "C:\Users\user_name\Documents\project_one"
ServerName project_one.localhost
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
<Directory "C:\Users\user_name\Documents\project_one">
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "C:\Users\user_name\Documents\project_two"
ServerName project_two.localhost
<Directory "C:\Users\user_name\Documents\project_two">
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Here is simple step.
Go to C:\xampp\apache\conf
Open httpd.conf
And enable the ssl extensions (Remove # from line)
LoadModule ssl_module modules/mod_ssl.so
Go to C:\xampp\apache\conf\extra
Open httpd-vhosts.conf
Add new virtual hosts or edit existing
<VirtualHost *:443>
DocumentRoot "C:/xampp/htdocs/PROJECTNAME"
ServerName www.pl.f24sdev.com
<Directory C:/xampp/htdocs/PROJECTPATH>
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
</VirtualHost>
This may be an old question, but i am putting my answer here anyway for future reference
i'm Using XAMPP 3.2.1, Compiled May,7 2013
to enable VirtualHost with SSL at the same time here is what i did. (I'm using windows 7)
your windows HOST file must already be setup
Go to httpd-ssl.conf located at xampp\apache\conf\extra
I just copied the _default_ virtualhost and added my config. I removed all comments for shorter one and pasted this just below the default virtualHost just change the DocumentRoot and servername then Restart apache.
<VirtualHost *:443>
DocumentRoot "***path/to/your/project}***"
ServerName ***yourdomain***
ServerAdmin admin#example.com
ErrorLog "C:/xampp/apache/logs/error.log"
TransferLog "C:/xampp/apache/logs/access.log"
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:/xampp/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "C:/xampp/apache/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Which version of Apache are you using ? NameVirtualHost is not available in 2.4 version.
Uncomment the line Include conf/extra/httpd-ssl.conf in httpd.conf and add the following contents (fix the paths according to xampp's path). This will enable https://localhost
<IfModule ssl_module>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crlss phrase on stdout.
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:E:/PROGRA\~1/AMPPS/apache/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
Mutex default
<VirtualHost _default_:443>
DocumentRoot "E:/Program Files/AMPPS/www"
ServerName localhost:443
ServerAdmin you#127.0.0.1
ErrorLog "E:/Program Files/AMPPS/apache/logs/ssl_error.log"
TransferLog "E:/Program Files/AMPPS/apache/logs/ssl_access.log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "E:/Program Files/AMPPS/apache/conf/ssl_crt/server.crt"
#SSLCertificateFile "E:/Program Files/AMPPS/apache/conf/server-dsa.crt"
SSLCertificateKeyFile "E:/Program Files/AMPPS/apache/conf/ssl_key/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "E:/Program Files/AMPPS/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "E:/Program Files/AMPPS/apache/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfModule>
If you want other domain like project_one.localhost have secured http connection then add the following virtualhost in httpd.conf or httpd-vhosts.conf(must be included in httpd.conf)
<IfModule ssl_module>
<VirtualHost 127.0.0.1:443>
<Directory "e:/program files/ampps/www/project_one.localhost">
Options FollowSymLinks Indexes
AllowOverride All
Order deny,allow
allow from All
</Directory>
ServerName project_one.localhost
ServerAlias project_one.localhost
ScriptAlias /cgi-bin/ "e:/program files/ampps/www/project_one.localhost/cgi-bin/"
DocumentRoot "e:/program files/ampps/www/project_one.localhost"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "E:\Program Files\AMPPS/apache/conf/ssl_crt/project_one.localhost.crt"
SSLCertificateKeyFile "E:\Program Files\AMPPS/apache/conf/ssl_key/project_one.localhost.key"
ErrorLog "E:/Program Files/AMPPS/apache/logs/project_one.localhost_ssl_error.log"
TransferLog "E:/Program Files/AMPPS/apache/logs/project_one.localhost_ssl_access.log"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "e:/program files/ampps/www/project_one.localhost/cgi-bin/">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "E:/Program Files/AMPPS/apache/logs/project_one.localhost_ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfModule>
Note : You will have to add an entry in hosts file 127.0.0.1 project_one.localhost
# to use ssl
<VirtualHost *:443>
DocumentRoot "D:/xampp/htdocs/httpsProject"
DirectoryIndex index.php
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
<Directory "D:/xampp/htdocs/httpsProject"
Options All
AllowOverride All
Require all grated
</Directory>
</VirtualHost>