https://localhost works but https://mydomain.com does not WAMPSERVER /a Apache

Did you purchase a generic certificate, or a specific certificate?

If you purchased a generic certificate then it should cover at least https://mydomain.com and https://www.mydomain.com

However, if you purchased a specific certificate it will cover one or the other, but not both.  In that case it becomes critical to redirect incoming requests with the wrong FQDN in the URL, to the correct FQDN, most likely using mod_rewrite.

I suppose its specific, but I tried both www and without.

https://localhost should fail with a certificate error.
Which tutorial did you use you didn't supply the link

Does your A record for mydomain.com point to your external ip AND do you have nat port forwarding rules from external to the ip of the machine that hosts wampserver

Yes my A records are there and I can reach http://www.mydomain.com. Im trying to make it https://mydomain.com.

This is the tutorial I followed.

https://articlebin.michaelmilette.com/how-to-add-ssl-https-to-wampserver/

https://localhost does fail with a certificate error saying that its for www.mydomain.com. I just click proceed anyway and it works.

You say...

"I purchased a Godaddy certificate and it works with https://localhost."

https://localhost SSL coverage isn't supported. SSL certs cover a set of hosts and/or domains.

This likely means you haven't correctly setup your local SSL coverage, so if you attempt to clone your local setup to a public setup, this simply won't work.

https://LetsEncrypt.org is far better to use than GoDaddy because all certs are free...

So... You can generate as many as you like to cover a wildcard space (all hosts on a domain) or individual host records.

Tip: https://www.ssllabs.com/ssltest/ will tell you when you have a correct SSL setup.

You're looking for an overall A+ score with 4x 100 detail scores. Also Stapling + HSTS (Strict Transport) correctly set, if your site requires highest performance (so high traffic).

You can verify exactly what coverage a cert provides via this command...

openssl x509 -in .../cert.pem -text -noout | egrep -e DNS:

Select allOpen in new window

I doubt you can even generate a cert to cover a local host, unless you dummy up a local cert some way...

Easy answer is run the openssl command + you'll know for sure what your cert covers.

I say that its working because when I goto https://localhost is says the certificate is for www.mydomain.com. It warns me about it and I have to click proceed anyway. So Apache sees my certificate and is able to process it.

Ah... Got it...

Then all you have to do is use the tester above to ring out problems with your SSL setup...

You can also post your real domain name + likely someone can point out any glaring problems that stand out.

mydomain.com

SSL for this site isn't even close to setup at all...

https://www.ssllabs.com/ssltest/analyze.html?d=epbpayroll.com shows starting problem.

Neither your domain or the www host is covered by your SSL config.

Tip: After you setup your SSL cert in Apache (looks like you're running Apache-2.4.27 which is excellent!) be sure you do a reload or restart to pull in the net SSL config + cert.

Also, best add to your list of items to upgrade from PHP-7.0 to PHP-7.2 as PHP-7.0 hits EOL (end of life support) in 3 months.

I did restart Apache. Why would it show there is an ssl certificate for that domain if I access it via https://localhost?

Because you told Apache that there is a certificate here.  The Web Server doesn't care about the domain name.

So what step am I missing here?

https://localhost is really meaningless. Answering this question will require you to understand + debug your local runtime environment.

Even at that, no visitor will every visit https://localhost, so likely best to first get your public SSL cert working... if visitors to your site are important...

To get SSL for your public site working...

1) Verify you actually have a correct SSL cert (see the openssl command above).

If you get back output covering epbpayroll.com + www.epbpayroll.com then proceed.

2) Verify you actually have your SSL cert plumbed in to Apache correctly.

For this, you will have to understand + debug your local environment.

And, since your running Windows your tools are sorely limited for this. On Linux it's trivial to determine if your SSL file is read.

On Windows... the way many people do this is put a hard  syntax error into a file. So in your cert file type... random jibberish into the first line + remove the first cert line stanza.

The result should be Apache refusing to start. If Apache does start, then your cert file isn't being read.

3) If your cert file is being read, then you'll move on to your version of Apache + debug settings for your VirtualHost.

So... one step at a time... Always expect everything to be broken + you'll likely find the problem faster, than thinking everything is working correctly.

I had everything set correctly when I started this post. The issue was a port issue on the firewall. Opened port 443 and BAM!