Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
327 views
in Technique[技术] by (71.8m points)

php - How to enable SSL in Wamp Server?

I have tried searching for it online, but I got confused. I didn't get any clarity.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

STEP BY STEP tutorial

Copied from the link:

Enabling SSL on WAMP

This step by step guide explains how you can enble SSL on WAMP.

  1. Download WampServer 2.0 from here and install it to the default location (c:wamp).

  2. Now, we need to have a private/public key pair as well as a CA to sign our public key.

First, lets see how we can create a private/public key pair.

keytool -genkey -alias rpcert -keyalg RSA -keysize 1024 -dname "CN=identity-rp,L=SL,S=WS,C=LK" -keypass wso2key -keystore rpkeystore.jks -storepass wso2key

This will create a keystore [rpkeystore.jks] with public/private key pair.

My previous post explains how you can export your private key from the keystore. Just follow the steps given there and you'll end up with a file server.key, which is your private key.

Now, we need to sign our public certificate with a CA.

This - requires us to create a sample CA and following explains how to do that.

Here we use OpenSSL to build the required CA infrastructure. For Windows you can download Win32 OpenSSL v0.9.8g from here.

Once installed make sure you add C:OpenSSLin [i.e [INSTALLED_LOCATION]in] to the PATH env variable.

openssl req -x509 -newkey rsa:1024 -keyout cakey.pem -out cacert.crt

The above will creare a public/private key pair for our sample CA.

Now, we need to create a certificate signing request to our server.

Go to the folder where you created the keystore [rpkeystore.jks] and issue the following command.

keytool -certreq -v -alias rpcert -file csr.pem -keypass wso2key -storepass wso2key -keystore rpkeystore.jks 

Now copy the csr.pem to the folder where you generated keys for the CA and issue the following command from there.

openssl x509 -req -days 365 -in csr.pem -CA cacert.crt -CAkey cakey.pem -CAcreateserial -out server.crt

By now we have all the requiured files.

cacert.crt --> CA public certificate server.crt --> Server public certificate signed by the CA server.key --> Server private key.

Copy all the above three files to c:wampinapacheapache2.2.8conf assuming you installed WAMP to the default location.

Also edit c:WINDOWSsystem32driversetchosts file and add the following entry.

127.0.0.1 identity-rp

If you could recall, when we creating the public certificate for our server, we created it for identity-rp.

  1. Edit httpd.conf [C:wampinapacheapache2.2.8conf]

Uncomment the following two lines.

LoadModule ssl_module modules/mod_ssl.so

Include conf/extra/httpd-ssl.conf

Find Listen 80 and change it to Listen 12081 - that is our server is running on port number 12081.

Find ServerName and set it to ServerName identity-rp:12081.

  1. Edit httpd-ssl.conf [C:wampinapacheapache2.2.8confextra]

    Set Listen identity-rp:12444 - we are listening to port 12444 for secure communication.

    Set

    Set DocumentRoot "C:/wamp/www/"

    Set ServerName identity-rp:12444

For the entire file find "C:/Program Files/Apache Software Foundation/Apache2.2" and replace with "C:/wamp/bin/apache/apache2.2.8".

Find SSLCertificateFile and set SSLCertificateFile "C:/wamp/bin/apache/apache2.2.8/conf/server.crt"

Find SSLCertificateKeyFile and set SSLCertificateKeyFile "C:/wamp/bin/apache/apache2.2.8/conf/server.key"

Find SSLCACertificateFile and set SSLCACertificateFile "C:/wamp/bin/apache/apache2.2.8/conf/cacert.crt"

  1. Edit php.ini (C:wampinapacheapache2.2.8in)

Uncomment the line extension=php_openssl.dll

  1. Now we are done - do a syntax check and start the apache server.

    :> cd C:wampinapacheapache2.2.8in :> httpd -t :> httpd --start

  2. Type https://identity-rp:12444 on your browser - you'll see a certificate error at the brower - to avoid it install CA certificate in your browser.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...