apache2 / WampServer - instruction how to enable https on Windows (SSL / TSL connection)
In this article we would like to show how to enable HTTPS connection for Apache 2.4 under Windows.
Note: presented solution should be working for Linux too.
Read below sections to know:
- what software should be used,
- how to generate certificates,
- what Apache 2 modules are requred,
- how to configure server,
- how restart server,
- how to verify https connection.
During configuration following software were used (treat it only as recommendation):
- Windows 10,
- Apache 2.4.39 installed as WampServer x64 (download link here),
- PHP 7.3.5 (is installed automatically with WampServer, we need to select it with context menu only).

To enable HTTPS it is necessary to do 3 things: prepare certificate, enable required modules and set server configurations.
Do following steps:
We can buy certificate, use free certificate or create self signed one.
In this section we use self signed certificate.
Do following steps:
- at begining we need to create directory to store certificates - in my case it will be:
xxxxxxxxxx
1C:\wamp64\bin\apache\apache2.4.39\conf\cert\
- check if you have installed
openssl
, or download and install it from here, - open Windows Command Prompt and run following command to create key with certificate:
xxxxxxxxxx
1"C:\Program Files\OpenSSL-Win64\bin\openssl.exe" req -x509 -newkey rsa:4096 -keyout "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key" -out "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.crt" -days 365
Where:
- paths should be addopted to correct locations,
- we will use RSA key,
- certificate will expire after 365 days.Note: we will be asked for some informations, where most important will be to type
our_secret_password
(it is called PEM pass phrase). -
convert encrypred key to RSA key with following command:
xxxxxxxxxx
1"C:\Program Files\OpenSSL-Win64\bin\openssl.exe" rsa -in "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key" -out "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key"
Note: use same
Example output:our_secret_password
during conversion.xxxxxxxxxx
1C:\>"C:\Program Files\OpenSSL-Win64\bin\openssl.exe" req -x509 -newkey rsa:4096 -keyout "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key" -out "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.crt" -days 365
2Generating a RSA private key
3.................................................................................++++
4........................................................++++
5writing new private key to 'C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key'
6Enter PEM pass phrase:
7Verifying - Enter PEM pass phrase:
8-----
9You are about to be asked to enter information that will be incorporated
10into your certificate request.
11What you are about to enter is what is called a Distinguished Name or a DN.
12There are quite a few fields but you can leave some blank
13For some fields there will be a default value,
14If you enter '.', the field will be left blank.
15-----
16Country Name (2 letter code) [AU]:PL
17State or Province Name (full name) [Some-State]:Lesser Poland
18Locality Name (eg, city) []:Cracow
19Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACME
20Organizational Unit Name (eg, section) []:
21Common Name (e.g. server FQDN or YOUR name) []:localhost
22Email Address []:
23
24C:\>"C:\Program Files\OpenSSL-Win64\bin\openssl.exe" rsa -in "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key" -out "C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key"
25Enter pass phrase for C:\wamp64\bin\apache\apache2.4.39\conf\cert\localhost.key:
26writing RSA key
27
28C:\>
In this case we need to enable only one module: ssl_module
.
We can do it in 2 ways:
- from context menu: Apache -> Apache modules -> ssl_module
- from configuration file
c:\wamp64\bin\apache\apache2.4.39\conf\httpd.conf
by uncommenting following line:xxxxxxxxxx
1LoadModule ssl_module modules/mod_ssl.so
We need to set listening ports for https and add virtual server that uses https protocol.
Add to c:\wamp64\bin\apache\apache2.4.39\conf\httpd.conf
file, following lines:
xxxxxxxxxx
Listen 0.0.0.0:443
Listen [::0]:443
Note: you can put is below
Listen 0.0.0.0:80
(useCtrl
+F
keys in your Notepad to find phrase).
Add to c:\wamp64\bin\apache\apache2.4.39\conf\extra\httpd-vhosts.conf
file, following lines:
xxxxxxxxxx
<VirtualHost *:443>
ServerName localhost
ServerAlias localhost
DocumentRoot "${INSTALL_DIR}/www"
SSLEngine on
SSLCertificateKeyFile "${INSTALL_DIR}/bin/apache/apache2.4.39/conf/cert/localhost.key"
SSLCertificateFile "${INSTALL_DIR}/bin/apache/apache2.4.39/conf/cert/localhost.crt"
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
<Directory "${INSTALL_DIR}/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require local
</Directory>
</VirtualHost>
Note: you can put it at the end of the file.
Most simple is to click Restart All Services item in WampServer context menu located in try bar (check first screenshot).
Type in web browser address bar https://localhost
and confirm with Enter key.
For self signed certificate it will be necessary to confirm certificate - look on bellow confirmation examples.
Note: to see how to verify https with openssl read this article.


