Steps for making WAMP server work with SSL

February 26, 2013

I recently had to help some team members that were using WAMP in their development environment set up SSL on their localhost.  Since I was using a LAMP stack in my development environment, I had to do some searching and not one website I came accross had instructions that actually worked.  Here is what worked on my test WAMP setup and for my team members.  This was using Windows 7 & 8, WampServer 2.2E, and Apache 2.4 on 64-bit machines.  I include this information just to inform you that by the time you read it, if it doesn't work, it may be because the technologies have changed.  Anywho, here are the 24 easy steps!


  1. Make sure you have openssl installed.  I think it might come with WAMP server because I don't recall installing it but I had it.  Maybe it comes with Windows Power Shell 2, not sure. Anyways go to the command line and type "openssl version".  If you get a response then all is good. If not figure out how to download it and set it up so that that command works.

  2. Go to "wamp\bin\apache\apache2.4.2\bin" using either power shell or cmd.

  3. Type "openssl genrsa -aes256 -out pass.key 2048".  The out argument can be whatever you want.  If you don't want to think about what the commands are doing just use "pass.key" because that is what I will use in the next step.  After you type this you will have to enter a password and confirm it.  Choose anything.  You will only need it in the next step so don't worry, you don't have to remember it long.

  4. Type "openssl rsa -in pass.key -out localhost.key".  Once again the out argument is up to you and make sure the in argument matches the out argument from the previous step.  You will have to enter the password from the previous step after hitting enter.

  5. Type "openssl req -new -x509 -nodes -sha1 -key localhost.key -out localhost.crt -days 365 -config C:\wamp\bin\apache\apache2.4.2\conf\openssl.cnf".  The key argument is whatever you named the out argument on the previous step.  I'm sure you got the deal with the out argument by now.  I set my certificate to last for 365 days.  That means in a year I will have to do this step again but I'm sure we won't be working on this anymore so it really doesn't matter.

  6. Alright we are done with the command line for now.  Open 2 file browsers.  The first one to "wamp\bin\apache\apache2.4.2\bin" and the second to "wamp\bin\apache\2.4.2\conf".

  7. In the conf directory create a folder called "ssl".

  8. Copy and paste "localhost.key" and "localhost.cry" to the "ssl" folder.

  9. Inside the "ssl" folder create a folder called "logs".

  10. Now comes the fun part of updating configure files.  I hope I can remember every line that I changed.  Go back one level to the "conf" directory and then go into the "extra" directory.

  11. Open "httpd-ssl.conf" in your favorite text editor.

  12. Uncomment the line starting with "SSLSessionCache" and change the location to be "shmcb:c:/wamp/bin/apache/apache2.4.2/logs/ssl_scache(512000)".  I don't know how to write this to be perfectly clear but make sure in the actual configure file the quotes are around the location.

  13. In the "<VirtualHost _default_:443>" area we are going to have to update all that information to point to our actual location of stuff. So change "DocumentRoot" to "c:/wamp/www". Make sure that you have the actual quotes around all of these like the values do that you are changing.

  14. Change "ServerName" to "localhost:443.

  15. Change "ErrorLog" to "c:/wamp/bin/apache/apache2.4.2/conf/ssl/logs/error.log"

  16. Change "TransferLog" to "c:/wamp/bin/apache/apache2.4.2/conf/ssl/logs/access.log".

  17. Change "SSLCertificateFile" to "c:/wamp/bin/apache/apache2.4.2/conf/ssl/localhost.crt".

  18. Change "SSLCertificateKeyFile" to "c:/wamp/bin/apache/apache2.4.2/conf/ssl/localhost.key".

  19. Go to the part where it says "<Directory ...>". I can't remember what the default value is but change it to be '<Directory "c:/wamp/www">'

  20. Last things to change in this configure file.  Change "CustomLog" to point to the log folder we created.  So it should be "c:/wamp/bin/apache/apache2.4.2/conf/ssl/logs/ssl_request.log".  Leave the "\" and everything after it the same.

  21. We need to enable two apache modules.  You can do this using the system tray or going up one directory from "extra" and editing the "httpd.conf" file.  The first module you need to enable is the "ssl_module" (uncomment that line in the conf) or "mod_ssl" if you are going the system tray route.

  22. Also enable the "socache_shmcb_module".

  23. Finally uncomment the line that says "Include conf/extra/httpd-ssl.conf".

  24. We are almost there as long as I didn't miss a step.  Go back to the command line and type "./httpd -t" and hopefully you get "syntax ok".  If you do restart the apache server and SSL should work for you.  If not we will start debugging.
LAMP servers seem to be a bit better documented but if I ever have to set it up again or help someone else set it up I will post the steps here.  They should be quite similar.
Functional Typescript
Recent Posts