UwAmp (WAMP) - Using a Self-Signed SSL Certificate for HTTPS
 

UwAmp (WAMP) – Using a Self-Signed SSL Certificate for HTTPS

June 22, 2017

How Do I Get a Self-Signed SSL Certificate to Work With UwAmp / WAMP?

There are various reasons why one might need SSL enabled on a staging / development environment while building a site, SPA, or PaaS product. Maybe you have API’s that will not accept requests originating from a non-secure domain. Maybe you are trying to build an API of your own that needs to deliver over SSL to be compliant with the environment of the end user. Or maybe you just want to have your own self-signed SSL certificate on your WAMP installation for fun and nerd-cred ūüôā

Most guides I found for using a self-signed SSL certificate for WAMP wayyy over-complicated things – at least with UwAmp, I came up with my own process that was relatively pain-free and easy to follow:


Background Info / Notes:

By default, port access is on :443 and non-ssl is on port 80

Default SSL cert paths for UwAmp are:

– SSLCertificateKeyFile “{APACHEPATH}/certificats/main-server.com.key”

– SSLCertificateFile “{APACHEPATH}/certificats/main-server.com.cert”

On my machine, this resolves to: “C:\UwAmp\bin\apache\certificats”

The important thing when setting these up is that the “Common Name” that corresponds with your cert and key should match the “ServerName” line in your httpd.conf file


Main Process:

  1. Generate your SSL certificate and key by using the site http://www.selfsignedcertificate.com/. Here are the specifics:
    1. Open your httpd_uwamp.conf in a text editor. It should be located in \[UwAmp or other stack main folder]\bin\apache\conf\. If you can’t find it for your WAMP program, Google is always your friend ūüôā
    2. Look for an entry for¬†<VirtualHost *:443>, then the line that says “ServerName” followed by a space and then, in quotes, a string, which is your server name. Change the server name to “localhost”
    3. Use the server name “localhost” from step 2 to generate the cert and key
  2. Download the cert and key from the generator and place it in the default directory for SSL certificates.
  3. Change the “SSLCertificateKeyFile” and “SSLCertificateFile” to reflect the filenames of the files generated by the generator (e.g. localhost.cert and localhost.key).

The above method works if you using “localhost” paths in your testing, but what if you also want to be able to access the SSL version from an internal IP address? E.g. https://192.168.1.67

  1. Follow the steps above, but use your local IP as the “ServerName” when generating the keys. Place the keys in the same folder, but keep the filenames from the generator and don’t overwrite your previously generated files.
  2. Copy the text of your localhost entry (<VirtualHost *:443> to¬†</VirtualHost>) and paste below it. Then change the “ServerName” of that copied entry to match the local IP, and change the “SSLCertificateKeyFile” and “SSLCertificateFile” to reflect the filenames of the files generated by the generator for your local IP.

Adding Self-Signed SSL Certificate Exceptions:

Finally, keep in mind that browsers don’t like self-signed certificates and you will see an error (usually ‚ÄėNET::ERR_CERT_AUTHORITY_INVALID’) if you try to access your site. You will have to add exceptions to Firefox and Chrome if you want to access your site using your self-signed SSL cert in those browsers. You will also have to do this for Chrome if you are using a program (like Postman) that is built on the chrome back-end/engine.

Here is how to add a SSL exception to Firefox:Firefox - Adding SSL Self-Signed Exception

Then hit “confirm exception”

And here is how to add a SSL certificate exception to Chrome:

Chrome - Adding SSL Self-Signed Exception


Looking for what the hosts config section of my httpd.conf file looks like?

Click here to see how my httpd.conf file matches up with my own instructions

# ****************************************************************************************************************
# VIRTUAL HOST

<VirtualHost *:80>
#UWAMP Generate Virtual Host
    DocumentRoot "{DOCUMENTPATH}/"
    ServerName "main-serveur"
    Alias "/mysql/" "{PHPAPPS}/phpmyadmin/"
    Alias "/mysql" "{PHPAPPS}/phpmyadmin/"
    Alias "/uwamp/" "{PHPAPPS}/uwamp/"
    Alias "/uwamp" "{PHPAPPS}/uwamp/"
    <Directory "{PHPAPPS}/phpmyadmin/">
        AllowOverride All
        Options FollowSymLinks Includes Indexes 
        Require local
    </Directory>
    <Directory "{PHPAPPS}/uwamp/">
        AllowOverride All
        Options FollowSymLinks Includes Indexes 
        Require local
    </Directory>
    <Directory "{DOCUMENTPATH}/">
        AllowOverride All
        Options FollowSymLinks Indexes 
        {ONLINE_MODE}        
    </Directory>
</VirtualHost>
<VirtualHost *:443>
#UWAMP Generate Virtual Host
    DocumentRoot "{DOCUMENTPATH}/"
    ServerName "localhost"
    SSLEngine on
    SSLCertificateKeyFile "{APACHEPATH}/certificats/localhost.key"
    SSLCertificateFile "{APACHEPATH}/certificats/localhost.cert"
    Alias "/mysql/" "{PHPAPPS}/phpmyadmin/"
    Alias "/mysql" "{PHPAPPS}/phpmyadmin/"
    Alias "/uwamp/" "{PHPAPPS}/uwamp/"
    Alias "/uwamp" "{PHPAPPS}/uwamp/"
    <Directory "{PHPAPPS}/phpmyadmin/">
        AllowOverride All
        Options FollowSymLinks Includes Indexes 
        Require local
    </Directory>
    <Directory "{PHPAPPS}/uwamp/">
        AllowOverride All
        Options FollowSymLinks Includes Indexes 
        Require local
    </Directory>
    <Directory "{DOCUMENTPATH}/">
        AllowOverride All
        Options FollowSymLinks Indexes 
        {ONLINE_MODE}        
    </Directory>
</VirtualHost>

<VirtualHost 192.168.1.67:443>
    ServerName 192.168.1.67
    DocumentRoot "{DOCUMENTPATH}/"
    
    SSLEngine on
    SSLCertificateKeyFile "{APACHEPATH}/certificats/192.168.1.67.key"
    SSLCertificateFile "{APACHEPATH}/certificats/192.168.1.67.cert"
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

    Alias "/mysql/" "{PHPAPPS}/phpmyadmin/"
    Alias "/mysql" "{PHPAPPS}/phpmyadmin/"
    Alias "/uwamp/" "{PHPAPPS}/uwamp/"
    Alias "/uwamp" "{PHPAPPS}/uwamp/"
    <Directory "{PHPAPPS}/phpmyadmin/">
        AllowOverride All
        Options FollowSymLinks Includes Indexes 
        Require local
    </Directory>
    <Directory "{PHPAPPS}/uwamp/">
        AllowOverride All
        Options FollowSymLinks Includes Indexes 
        Require local
    </Directory>
    <Directory "{DOCUMENTPATH}/">
        AllowOverride All
        Options FollowSymLinks Indexes 
        {ONLINE_MODE}        
    </Directory>
</VirtualHost>

Could the site or PaaS you are working on be the “next big thing”? You’ll need marketing to help get the word out – we can help.

Leave a Reply

Your email address will not be published. Required fields are marked *

More Services