How do I allow HTTPS for Apache on localhost?

KennC. picture KennC. · Nov 19, 2010 · Viewed 268.8k times · Source

I was asked to set up HTTPS with a self-signed cert on Apache on localhost, but how do I actually do that? I have no idea at all.

Answer

Simon East picture Simon East · Aug 25, 2011

I've just attempted this - I needed to test some development code on my localhost Apache on Windows. This was WAAAY more difficult than it should be. But here are the steps that managed to work after much hairpulling...

I found that my Apache install comes with openssl.exe which is helpful. If you don't have a copy, you'll need to download it. My copy was in Apache2\bin folder which is how I reference it below.

Steps:

  1. Ensure you have write permissions to your Apache conf folder
  2. Open a command prompt in Apache2\conf folder
  3. Type
    ..\bin\openssl req -config openssl.cnf -new -out blarg.csr -keyout blarg.pem
  4. You can leave all questions blank except:

    • PEM Passphrase: a temporary password such as "password"
    • Common Name: the hostname of your server

  5. When that completes, type
    ..\bin\openssl rsa -in blarg.pem -out blarg.key

  6. Generate your self-signed certificate by typing:
    ..\bin\openssl x509 -in blarg.csr -out blarg.cert -req -signkey blarg.key -days 365

  7. Open Apache's conf\httpd.conf file and ensure SSL module is enabled - there should be no hash at the start of this line:
    LoadModule ssl_module modules/mod_ssl.so

  8. Some Apache installations place the SSL config in a separate file. If so, ensure that the SSL conf file is being included. In my case I had to uncomment this line:
    Include conf/extra/httpd-ssl.conf

  9. In the SSL config httpd-ssl.conf I had to update the following lines:

    • Update
      SSLSessionCache "shmcb:C:\Program Files (x86)\Zend\Apache2/logs/ssl_scache(512000)"
      to
      SSLSessionCache "shmcb:C:/Progra\~2/Zend/Apache2/logs/ssl_scache(512000)"
      (The brackets in the path confuse the module, so we need to escape them)
    • DocumentRoot - set this to the folder for your web files
    • ServerName - the server's hostname
    • SSLCertificateFile "conf/blarg.cert"
    • SSLCertificateKeyFile "conf/blarg.key"

  10. Restart Apache.

  11. Try loading https://localhost/ in your browser.

Hopefully you made it this far. Feel free to update this post with any other helpful info.

(Screenshots courtesy of Neil Obremski and his helpful article - although now quite out-of-date.)