https://localhost works but https://mydomain.com does not WAMPSERVER /a Apache

I am using WAMPSERVER 3.1.0 which incorporates Apache. I followed this tutorial to create an ssl certificate and use https on my site. I purchased a Godaddy certificate and it works with https://localhost but does not work with https://mydomain.com. It's like it cannot find it, however http://mydomain.com does work.

Any help would be apprecaited!
cnl83Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dr. KlahnPrincipal Software EngineerCommented:
Did you purchase a generic certificate, or a specific certificate?

If you purchased a generic certificate then it should cover at least https://mydomain.com and https://www.mydomain.com

However, if you purchased a specific certificate it will cover one or the other, but not both.  In that case it becomes critical to redirect incoming requests with the wrong FQDN in the URL, to the correct FQDN, most likely using mod_rewrite.
0
cnl83Author Commented:
I suppose its specific, but I tried both www and without.
0
David Johnson, CD, MVPOwnerCommented:
https://localhost should fail with a certificate error.
Which tutorial did you use you didn't supply the link

Does your A record for mydomain.com point to your external ip AND do you have nat port forwarding rules from external to the ip of the machine that hosts wampserver
2
Do You Have a Trusted Wireless Environment?

A Trusted Wireless Environment is a framework for building a complete Wi-Fi network that is fast, easy to manage, and secure.

cnl83Author Commented:
Yes my A records are there and I can reach http://www.mydomain.com. Im trying to make it https://mydomain.com.

This is the tutorial I followed.

https://articlebin.michaelmilette.com/how-to-add-ssl-https-to-wampserver/

https://localhost does fail with a certificate error saying that its for www.mydomain.com. I just click proceed anyway and it works.
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
You say...

"I purchased a Godaddy certificate and it works with https://localhost."

https://localhost SSL coverage isn't supported. SSL certs cover a set of hosts and/or domains.

This likely means you haven't correctly setup your local SSL coverage, so if you attempt to clone your local setup to a public setup, this simply won't work.

https://LetsEncrypt.org is far better to use than GoDaddy because all certs are free...

So... You can generate as many as you like to cover a wildcard space (all hosts on a domain) or individual host records.

Tip: https://www.ssllabs.com/ssltest/ will tell you when you have a correct SSL setup.

You're looking for an overall A+ score with 4x 100 detail scores. Also Stapling + HSTS (Strict Transport) correctly set, if your site requires highest performance (so high traffic).

You can verify exactly what coverage a cert provides via this command...

openssl x509 -in .../cert.pem -text -noout | egrep -e DNS:

Open in new window


I doubt you can even generate a cert to cover a local host, unless you dummy up a local cert some way...

Easy answer is run the openssl command + you'll know for sure what your cert covers.
0
cnl83Author Commented:
I say that its working because when I goto https://localhost is says the certificate is for www.mydomain.com. It warns me about it and I have to click proceed anyway. So Apache sees my certificate and is able to process it.
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Ah... Got it...

Then all you have to do is use the tester above to ring out problems with your SSL setup...

You can also post your real domain name + likely someone can point out any glaring problems that stand out.
0
cnl83Author Commented:
mydomain.com
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
SSL for this site isn't even close to setup at all...

https://www.ssllabs.com/ssltest/analyze.html?d=epbpayroll.com shows starting problem.

Neither your domain or the www host is covered by your SSL config.

Tip: After you setup your SSL cert in Apache (looks like you're running Apache-2.4.27 which is excellent!) be sure you do a reload or restart to pull in the net SSL config + cert.

Also, best add to your list of items to upgrade from PHP-7.0 to PHP-7.2 as PHP-7.0 hits EOL (end of life support) in 3 months.
1
cnl83Author Commented:
I did restart Apache. Why would it show there is an ssl certificate for that domain if I access it via https://localhost?
0
David Johnson, CD, MVPOwnerCommented:
Because you told Apache that there is a certificate here.  The Web Server doesn't care about the domain name.
0
cnl83Author Commented:
So what step am I missing here?
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
https://localhost is really meaningless. Answering this question will require you to understand + debug your local runtime environment.

Even at that, no visitor will every visit https://localhost, so likely best to first get your public SSL cert working... if visitors to your site are important...

To get SSL for your public site working...

1) Verify you actually have a correct SSL cert (see the openssl command above).

If you get back output covering epbpayroll.com + www.epbpayroll.com then proceed.

2) Verify you actually have your SSL cert plumbed in to Apache correctly.

For this, you will have to understand + debug your local environment.

And, since your running Windows your tools are sorely limited for this. On Linux it's trivial to determine if your SSL file is read.

On Windows... the way many people do this is put a hard  syntax error into a file. So in your cert file type... random jibberish into the first line + remove the first cert line stanza.

The result should be Apache refusing to start. If Apache does start, then your cert file isn't being read.

3) If your cert file is being read, then you'll move on to your version of Apache + debug settings for your VirtualHost.

So... one step at a time... Always expect everything to be broken + you'll likely find the problem faster, than thinking everything is working correctly.
0
cnl83Author Commented:
I had everything set correctly when I started this post. The issue was a port issue on the firewall. Opened port 443 and BAM!
0
cnl83Author Commented:
I had everything set correctly when I started this post. The issue was a port issue on the firewall. Opened port 443 and BAM!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
wamp

From novice to tech pro — start learning today.