Search notes:
XAMPP: Create and use certificates
First, we need to open a
PowerShell session and define a couple of variables:
$domain = 'the-domain.tq84'
$xampp_root = "$home/xampp"
When I tried to create the certificates, I was struggling with Invalid self signed SSL cert - "Subject Alternative Name Missing" errors thrown by Chrome.
First, we need an OpenSSL config file which is created by the following
command :
@"
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
req_extensions = req_ext
prompt = no
[ req_distinguished_name ]
commonName = $domain
[ req_ext ]
subjectAltName = DNS:$domain
# subjectAltName = IP:192.168.0.1
"@ | out-file -encoding ascii ssl.conf
A private key is needed:
& $xampp_root\apache\bin\openssl genrsa -out private-key.pem
We also need a Client Server Request (CSR) …
& $xampp_root\apache\bin\openssl req -new -key private-key.pem -out server.csr -config ssl.conf
… with which the certificate can be created:
& $xampp_root\apache\bin\openssl x509 -req -days 365 -in server.csr -signkey private-key.pem -out server.crt -extensions req_ext -extfile ssl.conf
The CSR itself is not actually needed:
rm server.csr
We copy the private key and the certificate to the apache/conf
directory:
cp private-key.pem $xampp_root\apache\conf
cp server.crt $xampp_root\apache\conf
The certificate needs also to be installed into Trusted Root Certification Authorities (here for the current user):
import-certificate -filePath server.crt -certStoreLocation cert:\currentUser\Root
It would also be possible to install it for all users on the local machine:
# import-certificate -filePath server.crt -certStoreLocation cert:\localMachine\Root
127.0.0.1 the-domain.tq84
<VirtualHost the-domain.tq84:443>
ServerAdmin bla@the-domain.tq84
DocumentRoot "C:/users/rene/XAMPP/htdocs"
ServerName the-domain.tq84
ServerAlias *.the-domain.tq84
ErrorLog "logs/the-domain.tq84.log"
CustomLog "logs/the-domain.tq84.log" common
SSLEngine on
SSLCertificateFile "conf/server.crt"
SSLCertificateKeyFile "conf/private-key.pem"
</VirtualHost>