We help IT Professionals succeed at work.

Apache and ssl certificates

doctorbill
doctorbill asked
on
Apache installation (xampp 7.1.29):

Please can someone give me a STEP by STEP guide to adding a valid ssl to my new apache (xampp) installation
The server is already working with my website but I need to put in a valid ssl certificate
I need to know the process of generating an ssl and adding it
The ssl will be fo www.mydomainname.com
Comment
Watch Question

David FavorFractional CTO
Distinguished Expert 2018

Commented:
First you must have a public IP, as SSL certs only work with public IPs.

Trying to get a cert working on a local/private/unroutable IP will fail.

1) Generate a cert.

https://www.experts-exchange.com/questions/29164536/SSL-Solution-for-Multi-Domain-Multi-Host.html covers how I generate certs.

There are many correct answers for "how to generate a cert".

2) Install the cert in your Apache config.

https://www.experts-exchange.com/questions/29137540/How-to-Get-Apache-on-MAMP-Pro-to-only-server-HTTPS.html covers one way to install certs for Apache.

There are also many correct answers to this question too.
First you must have a public IP

Yes and No

If you're looking to add a SSL Certificate for a website accessible by the the internet, then yes you will need a public IP

If you're looking to add a SSL Certificate for a internal web portal (etc) accessible only internally, then no, you do not need a public IP

SSL certs only work with public IPs.

Again, yes and no

"IF" you're looking to use a purchased (or LetsEncrypt) SSL Cert, then yes you will need a public IP

IF you're looking to use a "Self-Signed" certificate, then no you do not need a public IP.

SSL certificates work perfectly fine on private networks/IP's

Author

Commented:
I already have a wildcard ssl but I need to know specifically how to add it to xampp (apache)
I need the steps please
Fractional CTO
Distinguished Expert 2018
Commented:
Summary: You'll add your cert files to the <VirtualHost> container for your site.

https://www.experts-exchange.com/questions/29137540/How-to-Get-Apache-on-MAMP-Pro-to-only-server-HTTPS.html provides details for one approach to resolving your question.

Author

Commented:
This currently what I have:

## site.test (for ssl)
 <VirtualHost *:80>
     DocumentRoot "C:/xampp/htdocs"
     ServerName inventas.co.uk
     ServerAlias *.inventas.co.uk
 </VirtualHost>
 <VirtualHost *:443>
     DocumentRoot "C:/xampp/htdocs"
     ServerName inventas.co.uk
     ServerAlias *.inventas.co.uk
     SSLEngine on
     SSLCertificateFile "ssl.cert/wildcard_inventas_co_uk.crt"
     SSLCertificateKeyFile "ssl.key/wildcard_inventas_co_uk.key"
 </VirtualHost>

When I try to use it the apache server does not start

Author

Commented:
It's in the httpd.conf file
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Attach a copy of your /var/log/apache2/error.log file (as text, not an image).

Your Distro may place this file a different place, you may have to dig around /usr/local or /var/log to find the correct file.

This file will contain the exact error. Likely you'll understand the fix, from just a glance at your Apache error log file.
Your Distro may place this file a different place

David brought up a valid point

It's in the httpd.conf file

Typically you would place :80 host information in httpd-vhosts.conf and :443 host information in httpd-ssl.conf

In httpd.conf you'd need to uncomment (remove the "#" symbol) on the include lines for the two files as well as additional items needed for ssl

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

Open in new window


Additional setup may be needed depending on your setup, but that's what would be the basics of what should be needed

Author

Commented:
Thanks all