WampServer

Error:

C:\Users\kingfisher>cd C:\wamp\bin\apache\apache2.4.9\bin

C:\wamp\bin\apache\apache2.4.9\bin>httpd -t
AH00112: Warning: DocumentRoot [C:/Apache24/docs/dummy-host.example.com] does not exist
AH00112: Warning: DocumentRoot [C:/Apache24/docs/dummy-host2.example.com] does not exist
AH00112: Warning: DocumentRoot [C:/websites/JSET] does not exist
(OS 3)The system cannot find the path specified.  : AH02297: Cannot access directory 'C:/Apache24/logs/' for log file 'c:/Apache24/logs/ssl_request.log' defined at C:/wamp/bin/apache/apache2.4.9/conf/extra/httpd-ssl.conf:254
AH00014: Configuration check failed

C:\wamp\bin\apache\apache2.4.9\bin>

Hi RiggsFolly,

Good Morning and wishing you good health and a Happy New Year! ( though a few days old)

I tried to install Open SSL as per the video on Tube and the last step was:

Step 7:

	C:\wamp\bin\apache\apache x.x.x\conf\extra\httpd-ssl.conf
	<VirtualHost _default_:443> (Below this line check following parameters)
-------------------
	DocumentRoot "C:/wamp/www"
	ServerName localhost:443
	ServerAdmin admin@example.com
	ErrorLog "C:/wamp/bin/apache/apache2.4.9/logs/ssl_error.log"
	TransferLog "C:/wamp/bin/apache/apache2.4.9/logs/ssl_access.log"

	SSLCertificateFile "C:/wamp/bin/apache/apache2.4.9/conf/key/certificate.crt"
	SSLCertificateKeyFile "C:/wamp/bin/apache/apache2.4.9/conf/key/private.key"
-------------------
	httpd -t (To check the validity of file)

Wamp server icon now remains only Yellow and won'to go to Green.

Can you please comment where sand might have got into the works?

Regards,

Caydee

Wamp Server 2.5
Apache 2.4.9
PHP 5.5.2
MySQL 5.6.17
Windows 10

Changes and original (commented out) are as below:

<VirtualHost _default_:443>

#   General setup for the virtual host
DocumentRoot "C:/wamp/www"
#DocumentRoot "c:/Apache24/htdocs"
ServerName localhost:443
#ServerName www.example.com:443
ServerAdmin admin@example.com
#ServerAdmin admin@example.com
ErrorLog "C:/wamp/bin/apache/apache2.4.9/logs/ssl_error.log"
#ErrorLog "c:/Apache24/logs/error.log"
TransferLog "C:/wamp/bin/apache/apache2.4.9/logs/ssl_access.log"
#TransferLog "c:/Apache24/logs/access.log"

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on

#   Server Certificate:
#   Point SSLCertificateFile at a PEM encoded certificate.  If
#   the certificate is encrypted, then you will be prompted for a
#   pass phrase.  Note that a kill -HUP will prompt again.  Keep
#   in mind that if you have both an RSA and a DSA certificate you
#   can configure both in parallel (to also allow the use of DSA
#   ciphers, etc.)
#   Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
#   require an ECC certificate which can also be configured in
#   parallel.
SSLCertificateFile "C:/wamp/bin/apache/apache2.4.9/conf/key/certificate.crt"
#SSLCertificateFile "c:/Apache24/conf/server.crt"
#SSLCertificateFile "c:/Apache24/conf/server-dsa.crt"
#SSLCertificateFile "c:/Apache24/conf/server-ecc.crt"

#   Server Private Key:
#   If the key is not combined with the certificate, use this
#   directive to point at the key file.  Keep in mind that if
#   you've both a RSA and a DSA private key you can configure
#   both in parallel (to also allow the use of DSA ciphers, etc.)
#   ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "C:/wamp/bin/apache/apache2.4.9/conf/key/private.key"
#SSLCertificateKeyFile "c:/Apache24/conf/server.key"
#SSLCertificateKeyFile "c:/Apache24/conf/server-dsa.key"
#SSLCertificateKeyFile "c:/Apache24/conf/server-ecc.key"

#   Per-Server Logging:
#   The home of a custom SSL log file. Use this when you want a
#   compact non-error SSL logfile on a virtual host basis.
CustomLog "c:/Apache24/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

Caydee

IN ALL THINGS BE MEN
Windows 10 x64 | WAMP 3.3.2 - x64 | Apache 2.4.58 | MySQL 8.2.0 | PHP 8.2.13 | PHPMyAdmin 5.2.0

Hi caydee,

Happy New Year to you too!

I will have a look, but the first place to start is by checking the "Windows Event Viewer" as this is the most likely place for error messages to be sent by Apache when its config is in a bit of a mess.

Let me know what you find.

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-

I checked the Event Viewer, which is showing the same errors shown above in the first set of errors.

In addition to that it showed:

AH00526: Syntax error on line 109 of C:/wamp/bin/apache/apache2.4.9/conf/extra/httpd-ssl.conf:     .

The Apache service named  reported the following error:
>>> SSLCertificateFile: file 'C:/Apache24/conf/server.crt' does not exist or is empty     .

<Data>(OS 3)The system cannot find the path specified.  : AH02297: Cannot access directory 'C:/Apache24/logs/' for log file 'c:/Apache24/logs/ssl_request.log' defined at C:/wamp/bin/apache/apache2.4.9/conf/extra/httpd-ssl.conf:254</Data>

Syntax error on line 109 is a line that is commented out

line 108 SSLCertificateFile "C:/wamp/bin/apache/apache2.4.9/conf/key/certificate.crt"
line 109 #SSLCertificateFile "c:/Apache24/conf/server.crt"

The main problem seems to be that it is looking for C:\ Apache24\.. , but is finding C:\wamp\apache2.4.9\..

Would it be easier to obliterate the whole (WAMP) installation and begin from scratch?

I must have been mad as the hatter when it was just working so smoothly without the bloody Open SSL.

Regards,

Caydee

No dont throw the install away.

There must be a line in in C:/wamp/bin/apache/apache2.4.9/conf/extra/httpd-ssl.conf that contains the path C:/Apache24/conf/server.crt

So either you or your editor cannot count!


Do a search for "server.crt" and see if one line exists without the `#` comment

Also make sure you are not editing the config file with notepad as that can get confused sometimes

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-

Lest I lose my acountability, I reverted back to WAMP without OpenSSL. Uninstalled it and removed the certificates and key, restored paths and re-commented-in "#Include conf/extra/httpd-ssl.conf" (won't work with that commented out).

Now, WAMP goes straight from RED to GREEN!

Have a nice weekend in the meantime,

Caydee

PS: Still wonder why the fiasco with Open SSL..

Remember, that the only changes you make to ge SSL working should be done in the conf/extra/httpd-ssl.conf So if you get issues with what you did, all you nneed to do to get back to a working system is comment out the include in the httpd.conf file. No need to be uninstalling and re-installing.

Here is a tutorial I made up a few years ago now, it may be a little out of date, but you are welcome to see if it still works.

And if not, and you work out what is wrong, you could send me some updates.




-----------------------------------------------



How to Configure WAMPServer to use HTTPS SSL


This is not a trivial process. This tutorial will, hopefully, get SSL working for you.
However getting it configured to match your secific requirements once it is working is TOTALLY DOWN TO YOU.

Additional reading for all who travel this road
Remember this is Apache and PHP we are configuring here and not WAMPServer, so it is all documented on the Apache and PHP sites if you get any issues or have any specific requirements.

Ok,

I have based this tutorial on the creation of a site called www.wamphelpers.dev So whereever you see that name change it to the site name you are trying to secure.

I started by creating a unsecured site, in \wamp\www\wamphelpers

added a Virtual Host for that site, in httpd-vhosts.conf

<VirtualHost *:80>
    DocumentRoot "c:/wamp/www"
    ServerName localhost
    ServerAlias localhost
    <Directory  "c:/wamp/www">
        AllowOverride All
        Require local
    </Directory>
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "c:/wamp/www/wamphelpers"
    ServerName wamphelpers.dev
    ServerAlias www.wamphelpers.dev
    <Directory  "c:/wamp/www/wamphelpers">
        AllowOverride All
        Require local
    </Directory>
</VirtualHost>

Added its name to the C:\windows\system32\drivers\etc\hosts

127.0.0.1 wamphelpers.dev www.wamphelpers.dev
::1       wamphelpers.dev www.wamphelpers.dev

Now restart the dnscache as follows from a command windows launched using 'Run as Administrator'

net stop dnscache
net start dnscache

Then created a simple script in \wamp\www\wamphelpers\index.php

<?php
    echo 'Hello, this is the WAMPHELPERS.DEV site homepage';
?>

Now restart Apache and make sure that your simple unsecured site is working before continuing


---------- The openssl toolkit. ----------

The openssl.exe, ssleay32.dll and libeay32.dll come with, and are located in, the C:\wamp\bin\apache\apachex.y.z\bin folder
This should be all you need to create your self signed certificate !!




---------- Generate keys and Certificates. ----------

STEP 1: Generate an RSA Private Key

First we need to create ourselves a certificate.
The normal (paid for) process is to create your certificate and then pass it to a signing authority.
This is why it costs money, as they have to do, due dilligence, to check that you are who you say you are and that site that you will use the certificate on is real and legitimate.

The openssl toolkit is used to generate an RSA Private Key and CSR (Certificate Signing Request) to be used for our Certificate.
The first step is to create your RSA Private Key.
This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.


Open up a Command window (Dos box) using Run as Administrator
Change Directory to where you installed the OpenSSL Toolkit above.
In my case this is

set openssl_conf=c:\wamp\bin\apache\{apache_version}\conf\openssl.cnf
CD c:\wamp\bin\apache\{apache_version}\bin

Make a folder for the output to be put in ( to keep the bin folder tidy ) I used website

md website

Now enter this command:

openssl genrsa -out website\server.key 2048

This should have created a file in the 'website' folder called privkey.pem, without a pass phrase key, check it exists.


Step 2: Generate a CSR (Certificate Signing Request)

During the generation of the CSR, you will be prompted for several pieces of information.
These are the X.509 attributes of the certificate.
One of the prompts will be for "Common Name (e.g. server FQDN or YOUR name) []:".
It is important that this field be filled in with the fully qualified domain name of the server to be protected by SSL.
So if the website to be protected will be `[www.wamphelpers.dev]`, then enter `www.wampheplers.dev` at this prompt.

Do not enter anything to the question: A challenge password []:] - Just press Enter.
If you do enter a passphrase here when you come to start Apache with SSL configured Apache will not start and will give this error message :-

*[error] Init: SSLPassPhraseDialog builtin is not supported on Win32*

Basically if you do enter a passphrase Apache is supposed to challenge you for that passphrase each time it starts.
This is obviously not going to make your life any easier but primarily on windows it does not actually work and will
cause Apache to crash when it attempts to ask for the passphrase, with the above error.

The command to generate the CSR is as follows:

openssl req -new -key website\server.key -out website\server.csr

Example question and answers:

    Country Name (2 letter code) [AU]:GB
    State or Province Name (full name) [Some-State]: Hampshire
    Locality Name (eg, city) []: Portsmouth
    Organization Name (eg, company) [Internet Widgits Pty Ltd]: Wamp Helpers Ltd
    Organizational Unit Name (eg, section) []: Information Technology
    Common Name (e.g. server FQDN or YOUR name) []: www.wamphelpers.dev
    Email Address []: me@wamphelpers.dev

    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []: ( leave blank just hit the enter key )
    An optional company name []: ( leave blank just hit the enter key )

Step 3: Generating a Self-Signed Certificate

At this point you will need to generate a self-signed certificate because you either don't plan on having your certificate signed by a CA, or you wish to test
your new SSL implementation while the CA is signing your certificate.

openssl x509 -req -days 365 -in website\server.csr -signkey website\server.key -out website\server.crt

PRE - WARNING
Because we are not getting this certificate signed by a Certificate Authority, this certificate will generate an error in the client browser to the effect that
the signing certificate authority is unknown and not trusted.
This is unavoidable as we are signing the certificate ourselves, but of course the web of trust does not know who we are.
See example later in this document showing how to tell your browser that you actually trust this certificate


Example output:

Loading 'screen' into random state - done
Signature ok
subject=/C=GB/ST=Hampshire/L=Portsmouth/O=WampHelpers Ltd/OU=Information Technology/CN=www.wamphelpers.dev/emailAddress=riggsfolly@wamphelpers.dev
Getting Private key

Step 4: Installing the Private Key and Certificate

Create these 2 directories under the version of Apache you are using.

md c:\wamp\bin\apache\apachex.y.z\conf\ssl.key
md c:\wamp\bin\apache\apachex.y.z\conf\ssl.crt

And copy the file we have just generated into them like so:

copy website\server.crt c:\wamp\bin\apache\apachex.y.z\conf\ssl.crt
copy website\server.key c:\wamp\bin\apache\apachex.y.z\conf\ssl.key

Step 5: Configure Apache to activate SSL

Edit httpd.conf, Check that this line is uncommented

LoadModule ssl_module modules/mod_ssl.so

Remove the comment '#' from this line also

Include conf/extra/httpd-ssl.conf

Then move that line after this block <IfModule ssl_module>.... </IfModule> like so

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

Step 6: Configure PHP to activate SSL

Edit your php.ini ( use the wampmanager menus so you edit the correct one )

Remove the comment ';' from this line

extension=php_openssl.dll

Step 7: Configure your secure sites Virtual Host

Yup for all you Virtual Host nay sayers, now you cannot avoid the process.

Edit "\wamp\bin\apache\apachex.y.z\conf\httpd-ssl.conf"

This file is released by Apache and contains some default file location.
We can leave most of this file as it is, but we need to configure the virtual host in here to match our actual sites location and a few other things so:

find these lines

DocumentRoot "c:/Apache2/htdocs"
ServerName www.example.com:443
ServerAdmin admin@example.com
ErrorLog "c:/Apache2/logs/error.log"
TransferLog "c:/Apache2/logs/access.log"

and change them to

    DocumentRoot "c:/wamp/www/wamphelpers"
    ServerName wamphelpers.dev:443
    ErrorLog "c:/wamp/logs/ssl_error.log"
    TransferLog "c:/wamp/logs/ssl_access.log"

Find

SSLCertificateFile "c:/Apache2/conf/server.crt"

and change to

SSLCertificateFile "c:/wamp/bin/apache/apachex.y.x/conf/ssl.crt/server.crt"

Find

SSLCertificateKeyFile "c:/Apache2/conf/server.key"

and change to

SSLCertificateKeyFile "c:/wamp/bin/apache/apache2.2.26/conf/ssl.key/server.key"

Find

<Directory "c:/Apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

and change to

<Directory "c:/wamp/www/wamphelpers">
    SSLOptions +StdEnvVars
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1 localhost ::1
</Directory>

Find

SSLSessionCache        "shmcb:c:/Apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

and change it to

SSLSessionCache        "shmcb:c:/wamp/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

Find

<Directory "c:/Apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

and change to

CustomLog "c:/wamp/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Basically look through the conf file and any command that is not commented out, but has a reference to a file or folder
should be changed to reference the WAMPServer folder structure and not 'C:/Apache2....'

Now make sure all these files we have changed are saved, and restart Apache using the wampmanager menus.


First test that the unprotected site is still working.

Then try using your new protected site by adding the 'https://' to the front of the domain name
i.e. `[www.wamphelpers.dev]` without the single quotes of course.



If Apache does not restart you have probably spelt something wrong. Test the configs like so :-

Open a command window

cd \wamp\bin\apache\apachex.y.z\bin
httpd -t

This will parse all the config files and should give you a file name and a line number where an error has been found.

Fix it and try again.



First access to your site will generate a message page something like this.
This is using FireFox, others will be slightly different, but the concept it the same.



This is because your certificate is not signed by a trusted authority, DONT PANIC, this is supposed to happen.

Click on, 'I Understand the risk' and that will show you a button saying 'Add Exception'
Press the Add Exception button, after checking that the certificates site details are in fact yours,
and you will not see this message again unless you clear the exception list.





BIG NOTE
As of Apache v2.2.12 and OpenSSL v0.9.8j it is now possible to secure more than one site per Apache instance.
This tutorial does not cover that process.
See here for more details:

Here

And here

And here

And like I said at the top, now you need to do some reseach on all the options available in the SSL config and make thing work as you want rather than using the default.

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-

When run installer for the OpenSSL, it prompts to “select additional task” --Copy OpenSSL Dlls to: The Windows System Directory or The OpenSSL Binaries (/bin) Directory.

At this point, I do not know which option better to take and what will happen in each of the select possibilities, ’cause I do not wanna make major changes on my machine and what will be affected by this installation…

If you have any advice on what fallow next this will be a great momentum…

______________________________________________________________________
Powered By: JayManuel-NetWork4.org
©2015-2016 »Ð@RK ÐR@GÖN™«. All Rights Reserved.
______________________________________________________________________
WAMPServer 2.5 32bits
Apache2.4.18 | MySQL5.6.29 | php5.6.18-php5.5.32-php7.0.3
______________________________________________________________________

Then copy them to the `The OpenSSL Binaries (/bin) Directory.`

Also please do not piggyback on someone elses thread.

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-



Edited 1 time(s). Last edit at 01/10/2016 01:17AM by RiggsFolly.

Hi RiggsFolly,

Thank you for posting the tutorial. I tried it but failed as I made a mistake, but will try again as soon as I get back from a coffee and some lovely Schwarzwalder Kirsch Torte at a nice village cafe a few kms away. Would've loved to treat you old top..

Caydee

@Dark Dragon
The files ssleay32 and libeay32 are already present in the apache2.4.9\bin directory and therefore you don't get any extra invitation to copy these to the Windows System Directories nor the OPenSSL Binaries if you do it as explained in the tutorial above.

Caydee,

Sounds lovely, have one for me!

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-

I'm having an issue establishing an SSL on a WAMP server (VERSION: 3.1.9)
I'm not quite sure what I've missed, because I've already attempted to go through instructions provided everywhere I've searched...

I don't want to update to 3.2.0 because it won't work at all...

I've seen solutions for other versions of WAMP except for 3.1.9...
I have a valid SSL certificate, but the WAMP server does not provide enough information about where the issue went wrong.

I've checked the event viewer, and it states the following:

The Apache service named reported the following error:
>>> SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?). .

I've also noticed that was a missing module for SSL and that was pertaining to the socache file/module...

Can I get instructions to setup the WAMP server for SSL specifically for WAMP 3.1.9?

Hi,

In the thread below, there is my own procedure to support https SSL locally with Wampserver:
[forum.wampserver.com]

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons