I have downloaded xampp for mac, installed it and bought ssl certificat, but i'm having hard
times to install the ssl...
Can someone computer wise explain to me step by step, easy how to set it up? please i have
searched google, but could not understand the way they did, please take your time to
explain...
The file you need to edit to enable SSL is httpd-ssl.conf found in the conf/extra directory.
Change the following directives:
SSLCertificateFile to domain_com.crt
SSLCACertificateFile to PositiveSSLCA2.crt
SSLCertificateKeyFile to the private key file you received when you created the CSR
Open " Terminal " and type: sudo nano /private/etc/hosts then add 127.0.0.1 your_domain.com and 127.0.0.1 www.your_domain.com, when done editing the hosts file, press control-o to save the file.
Then call sudo /Applications/XAMPP/xamppfiles/xampp enablessl to enable SSL in httpd.conf and restart Apache. Now try accessing https://localhost
Related
My Apache httpd is installed in root/apps folder (all the configuration files of Apache are existing in the directory of root/apps/apache) folder.
I am using Tomcat 7 with Apache. Recently i need to support https in Apache http server. For this i have created self ssl certificate as ca.crt and keep it in the directory of /apps/keystore/ca.crt and also created private key as ca.key and keep it in the directory of /apps/keystore/ca.key.
After creating these two files i have configured the httpd - ssl.conf file which is located in the direcotry of (/apps/apache/conf/extra/httpd-ssl.conf).
In this file i have added SSLCertificateFile "/apps/keystore/ca.crt" , SSLCertificateKeyFile "/apps/keystore/ca.key" , ServerName example.com:443 and SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2 under <VirtualHost default:443,> tag and save this file.
The listen port in the file is Listen 443.
I have also configured \apps\apache\conf\httpd.conf file.
In this file i have set Include conf/extra/httpd-ssl.conf in the bottom of the page.
I also enable mod_ssl.so file by putting LoadModule ssl_module modules/mod_ssl.so in this file and save it .
After restarting my apache i put the URL of "**https://example.com/example_folder/**" on the browser and there is showing that "This page can’t be displayed" but if i use "**http://example.com/example_folder/**" then there doesn't showing any problem and getting desirable page.
Please someone help by mentioning what i miss in here and what i will need to do. Sorry for grammatical mistake. Please help
I'm creating this "question" to document how I was able to set up SSL locally, in case I need to do this again in the future. Thought I'd document it here hoping this can be of help to others too, 'cause it's a tricky process.
I'm working on a Mac with High Sierra, MAMP v 4.2.1 and Chrome v 71
Alright, let's roll.
1) Create a SSL certificate for localhost
To be able to use HTTPS with localhost we actually need two certificates: a root certificate, and a domain certificate specifically created for the localhost domain.
These nifty scripts I've found take care of creating both. They're very easy to use—just follow the instructions closely and you'll be good to go. The only thing that is not so clear in the documentation is that, where it says Then mark the certificate as trusted, this means you have to click on the certificate in Keychain Access and change the Trust option to Always.
(Here you can find a more elaborate explanation of what those scripts actually do)
If everything worked for you, you should now have two files server.crt and server.key. I've created a ssl folder in /Applications/MAMP and moved the files in it; but you can put them wherever you think is best.
Let's forget about the files now and proceed to some Apache configuration.
2) Configure MAMP's Apache to accept SSL
By default, Apache is not configured to accept SSL connections, so we have to change that. Open /Applications/MAMP/conf/apache/httpd.conf and make sure the following lines are NOT commented out. If they are, remove the # at the beginning of the line:
LoadModule ssl_module modules/mod_ssl.so
Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
Also, look for this line:
Servername localhost:443
and make sure the port is set to 443. 443 is the default port for HTTPS secured connections (regular, unsecured HTTP connections listen to port 80 by default).
Next, open /Applications/MAMP/conf/apache/extra/httpd-ssl.conf and make sure you have this line:
Listen 443
Again, this is important because we have to set up everything on the same port. To this end, you should also click on the MAMP icon in your MAC's dock, hit Preferences, go to the Ports tab and choose Set Web & MySql ports to 80 & 3306.
Stop and restart MAMP to apply the changes we've made so far.
3) Configure the default Virtual Host for SSL
While still in /Applications/MAMP/conf/apache/httpd.conf, look for these lines:
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/Applications/MAMP/Library/htdocs"
ServerName www.example.com:443
These lines set Apache's default behavior for all HTTPS connections. The ServerName is just a dummy name that you should replace with localhost; you should also make sure that the default DocumentRoot does match with your projects root folder.
So change the above lines as follows:
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/path/to/your/htdocs"
ServerName localhost
As you scroll a bit further down, while we're still in the default VirtualHost directive, you will find these two lines:
SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
Change these to wherever you put the files we genereated in step 1. Like I said before, I've put mine in "/Applications/MAMP/ssl", so I've changed the
above lines to:
SSLCertificateFile "/Applications/MAMP/ssl/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/ssl/server.key"
Stop and restart MAMP to apply the changes. Now if you go to https://localhost you should be able to see the list of projects in your root folder. That's it for localhost!
4) Create a SSL certificate for custom local domains
What if you wanted to create a custom domain myproject.dev and use SSL for that too, so you could access it at https://myproject.dev?
Pretty much like what we did for localhost, we need to create a SSL certificate specifically for the myproject.dev domain, then configure a virtual host for myproject.dev. Let's start with creating the certificate.
Again, I've found this little tool called create-ssl-certificate that will generate for you an SSL certificate for a specific local domain. This too is very easy to use, the only not so clear part is that it is a NPM package that you can install globally with npm -g install create-ssl-certificate.
If everything went well with create-ssl-certificate, you should now have two files, just like it was with localhost in step 1. By default, create-ssl-certificate calls the generated files ssl.crt and ssl.key. I've renamed them as server.crt and server.key to be consistent with the localhost files. Then I've created a ssl folder in the myproject root folder, and moved the files in there.
Let's forget about the files for a moment and proceed to some Apache configuration.
4) Configure MAMP's Apache to accept Virtual Hosts
If you've created virtual hosts before, you have probably already done this, so you can skip this step.
The only thing we need to do to 'activate' the possibility of creating virtual hosts is to go to /Applications/MAMP/conf/apache/httpd.conf and uncomment this line:
Include /Applications/MAMP/conf/apache/extra/httpd-vhosts.conf
5) Configure your local domain's Virtual Host for SSL
Now we can set up a virtual host so that we can access myproject at https://myproject.dev. First of all, edit your hosts file and add this line:
127.0.0.1 myproject.dev
Then, go to /Applications/MAMP/conf/apache/extra/httpd-vhosts.conf and add the following:
<VirtualHost myproject.dev:443>
ServerName myproject.dev
DocumentRoot "/Users/myusername/Sites/myproject"
SSLEngine on
SSLCertificateFile "/Users/myusername/Sites/myproject/ssl/server.crt"
SSLCertificateKeyFile "/Users/myusername/Sites/myproject/ssl/server.key"
</VirtualHost>
With this configuration, you will be able to access https://myproject.dev because the server is instructed to search for the SSL certificates we've created in step 4.
My hosting (instance) is on EC2 and domain is on Nominalia. I am using ubuntu16.0.4 and Laravel 5.4, I have generated CSR, key file, certificate file and kept on root of server that is /var/www/html
Now I have to place
<VirtualHost *:443>
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /var/www/html/sitename.com.crt
SSLCertificateKeyFile /var/www/html/sitename.com.key
SSLCertificateChainFile /var/www/html/intermediate-ca.crt
</VirtualHost>
I am not getting where I shall keep it. I tried to keep in /etc/apache2/sites-enabled/000-default.conf or /etc/apache2/sites-enabled/default-ssl.conf or /etc/apache2/sites-available/default-ssl.conf but it did not work and I am getting errors
In chrome
This site can’t be reached
and in Mozilla
Secure Connection Failed
Site is working without https
I also tried to keep both "VirtualHost *:443" and "VirtualHost *:80" in /etc/apache2/sites-enabled/000-default.conf but it also did not work. In this case, I am getting "This site can’t be reached"
There are lot of articles that I am reading from few days but not getting how to do final setting so that my site start working after I successfully placed all certificate files.
Recently Chrome stoped accepting self-signed Certificates. You can save a lot of effort using Let's Encrypt SSL Certificates. They are free, but valid for 90 days only. But you can configure auto renewal process, so you don't need to worry, because all things happens behind scenes.
Installation on Ubuntu it's simple:
1. Add repository to apt
sudo add-apt-repository ppa:certbot/certbot
After complete, update apt-get:
sudo apt-get update
2. Install Certbot
Certbot is a client tool for managing certificates from Let's Encrypt.
Run:
sudo apt-get install python-certbot-apache
3. Set up SSL Certificate
sudo certbot --apache -d sitename.com
If your domain could be accessed with www prefix run this command instead:
sudo certbot --apache -d sitename.com -d www.sitename.com
From now Certbot will run automatically via /etc/cron.d to check for expiring certificates.
You can validate process by running:
sudo certbot renew --dry-run.
It's done.
Full documentation for Certbot is here: https://certbot.eff.org/docs/
I just got commodo free ssl trial, and uploaded the ssl to my EC2 instance using AWS CLI, then changed the listener in the loadbalancer to the new ssl, but when I run ssl checker still shows the previous self signed certificate, which causes the browser warning when accessing the website, I have googled for hours trying to find and answer and followed everything in regards of updating the SSL but still no luck
Ok I had to figure it out myself, since it was the first time i had to install an SSL on an aws server, and thought i would post the answer in case someone else is going trough the same issue.
I have got my ssl from comodo which they provide 2 files (file.crt & file.ca-bundle), I went through load balancer to change my SSL first, not 100% sure if it is a required step, but I would recommend doing, so you would need the three ssl files (name.key "which is the one you submitted to your ssl provider", name.crt and name.ca-bundle).
1- in my case I was using an ubuntu instance with apache2, you will need to create a new ssl directory in /etc/apache2 (e.g /etc/apache2/ssl).
2- Upload all three files to the new directory.
3- navigate to /etc/apache2/sites-enabled -> and edit ssl-enabled.conf as follows:
<VirtualHost>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>
4- Restart your apache2 service and you should be all good to go.
Hope that was helpful
Hello all my document root location for my project is:
C:\xampp\htdocs\Warrington\public_html
I have updated my host file
C:\Windows\System32\drivers\etc\hosts
added the line
127.0.0.1 warrington.dev.com
I have then added to
C:\xampp\apache\conf\extra\httpd-vhosts
<VirtualHost *:80>
ServerAdmin matthew#warrington.com
DocumentRoot "C:/xampp/htdocs/Warrington/public_html"
ServerName warrington.dev.com
ServerAlias www.warrington.dev.com
ErrorLog "C:/xampp/htdocs/Warrington/public_html/error_log"
</VirtualHost>
and then to C:\xampp\apache\conf\httpd
Alias /public_html "C:/xampp/htdocs/Warrington/public_html"
<Directory "C:/xampp/htdocs/Warrington/public_html">
AllowOverride All
Order allow,deny
Allow from all
</Directory>
however when i restart apache and go to www.warrington.dev.com i get no error in the log apart from this
Sorry, the website www.warrington.dev.com cannot be found.
any ideas what i am missing with setting up virtual host
I added to host file
updates httpd and httpd-vhosts
restarted apache and no joy
www.warrington.dev.com is not the same as warrington.dev.com, both need to have an IP address entry in your hosts file.
Browsers now adays may have .dev extension disabled and may require a valid SSL through mydomain.test if you have WINDOWS (the following worked for me on CHROME DID NOT WORK FOR FIREFOX) you can try the following to create an SSL file for each domain.
1. Go to C:\xampp\apache\crt (create crt if you don't have this folder)
C:\xampp\apache\crt in the crt folder create the following 2 files:cert.conf and make-cert.bat (follow the links and copy the code)
In cert.conf edit where it says {{DOMAIN}} and replace it with your domain name example: mydomain.test and save the file (REMOVE THE curly brackets you don't need them).
Double click the make-cert.bat and input mydomain.test in the command prompt (same name you used in the cert.conf file) And you can just press enter and enter on the next prompts it really doesn't matter.
You will now see a site.test folder created. In that folder we will have
server.crt and server.key. This is the SSL certificate.
Double click on the server.crt to install it on Windows so Windows can trust it. (Click Install Certificate) And select Local Machine as Store Location.
Select “Place all certificates in the following store” and click browse and select Trusted Root Certification Authorities.
Click Next and Finish. And now this cert is installed and trusted in Windows. Next is how to use this cert in XAMPP.
Open notepad as administrator.
Edit C:\Windows\System32\drivers\etc\hosts (the file has no ext) Add this in a new line:
127.0.0.1 mydomain.test
We need to enable SSL for this domain and let XAMPP know where we store the SSL Cert. We need to edit C:\xampp\apache\conf\extra\httpd-xampp.conf
And add this code at the bottom:
Last but not least you have to restart Apache server in the Xampp control panel(Switch it off and then back on again) Then Clear your browser's cache and then restart your browser. Enter mydomain.test in your browser it should direct your project's index file as specified in what we entered in C:\xampp\apache\conf\extra\httpd-xampp.conf