WampServer

Further to the post at [forum.wampserver.com], I'm running into an odd situation where I've upgraded my WAMP (WAMP 3.3.1, Apache 2.4.55.2, PHP 8.1.16, WAMP Icon is green). Upgrades were done in 1 week stages to ensure nothing broke in the web app, and the last phase was Thursday where I upgraded PHP, MariaDB (10.1 to 10.11.2 and the web app itself. Everything worked fine (I thought) but then we started seeing specific users unable to access specific projects in the website. The error log is saying "server certificate does NOT include an ID which matches the server name".

Login page, Main page, and vast majority of projects are all accessible and work. Only specific projects are not working.

This was not happening on the previous version (WAMP 3.1.0, Apache 2.4.27, PHP 7.1.9) so I'm not sure what happened.

1 - Windows version used (Specify version number AND whether 32 or 64 bit) - Windows 2019 64 bit
2 - Version WampServer (Specify version number AND whether 32 or 64 bit) - WAMP 3.3.1 64 bit
3 - Apache Version - 2.4.55.2
4 - PHP Version - 8.1.16
5 - MySQL Version - N/A
5a - MariaDB version if applicable - N/A (running on a different server, but running 10.11.2)
6 - What color is the WampServer icon (in the notification area of the taskbar) - Green

HTTPD.conf - Only listening to port 80. ServerName is mysite.com.

HTTPD-ssl.conf -

Listen 0.0.0.0:443 https
Listen [::0]:443 https
<VirtualHost _default_:443>
DocumentRoot "${INSTALL_DIR}/www/mysite"
ServerName mysite.myserver.com
ErrorLog "${INSTALL_DIR}/logs/apache_error.log"

TransferLog  "${INSTALL_DIR}/logs/access.log"
SSLEngine on

SSLCertificateFile "C:/wamp64/bin/apache/ssl/digicert_crt.crt"
SSLCertificateKeyFile "C:/wamp64/bin/apache/ssl/key_file.key"
SSLCertificateChainFile "C:/wamp64/bin/apache/ssl/DigiCertCA.crt"
</VirtualHost>

HTTPD-ssl.conf -

<VirtualHost *:80>
 ServerName mysite.com
 DocumentRoot "${INSTALL_DIR}/www/mysite"
Redirect /secure [mysite.com]
  <IfModule ssl_module>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ []%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  </IfModule>
<Directory "${INSTALL_DIR}/www/mysite/">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
      AllowOverride all
    Order allow,deny
    Require all granted
    Allow from all
  </Directory>
</VirtualHost>

<VirtualHost *:443>
 ServerName mysite.com
 SSLEngine on
SSLCertificateFile "C:/wamp64/bin/apache/ssl/digicert_crt.crt"
SSLCertificateKeyFile "C:/wamp64/bin/apache/ssl/key_file.key"
SSLCertificateChainFile "C:/wamp64/bin/apache/ssl/DigiCertCA.crt"
  DocumentRoot "${INSTALL_DIR}/www/mysite"
  <Directory "${INSTALL_DIR}/www/mysite/">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
      AllowOverride all
    Order allow,deny
    Require all granted
    Allow from all
  </Directory>
</VirtualHost>

Chris



Edited 4 time(s). Last edit at 03/21/2023 03:57PM by darthpathos42.

Hi,

It seems that in your examples, the SSLCertificateFile and SSLCertificateKeyFile are the same regardless of the ServerName.

In my procedure : Using https with SSL in local VirtualHost the SSLCertificateFile and SSLCertificateKeyFile are generated explicitly for each ServerName and thus take into account the identification of the ServerName.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Hi Otomatic - The SSLCertificate and Key Files were created specifically for the server, it was my mistake when creating the code for this post.

Any other ideas?
Chris

Hi,

You have to fire the lines:
Order allow,deny
Allow from all
which are for Apache 2.2 and not for Apache 2.4 which replace them by Require all granted

Are you sure that there are two different SSLCertificateFile and two different SSLCertificateKeyFile for:
ServerName wcredcap.wchospital.ca
and
ServerName mysite.com

On the other hand, in my procedure, I don't use <VirtualHost _default_:443> but <VirtualHost *:443> which could explain the error because in case the server is not accessible or not found, we fall back on the default server.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Hi Otomatic - the two different server names were a mistake in my post, not in the SSL file (I tried to remove all instances of the actual server name to keep it anonymous).

ServerName is supposed to the mywebsite.com OR myserver.mywebsite.com?

I have commented out Order allow,deny and Allow from all and in the HTTPD-ssl file have updated _default_ to *.

I have restarted Apache but still having the issue.

What else can I try? I'm going on 24 hours of this issue and will need to update my manager shortly.
Chris

Hi,

> ServerName is supposed to the mywebsite.com OR myserver.mywebsite.com?

ServerName is the name you want - under certain conditions no space, no underscore - it is the one you will type in the address bar of a browser to access the local site 'http://ServerName/'
It should not include the server name since the local DNS (hosts file) will give the location (IP) of the server.

It must not be a public site name, otherwise you will not be able to access this public site due to the DNS search order.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Hi Otomatic - Confirming everything is correctly configured (ServerName mysite.com).

The fact that this is only specific pages is confusing to me - I can understand if the entire site was offline, but this small percentage of pages having problems is hard for me to figure out.
Chris

I have figured out the issue, it's a plugin used by some projects that was for some reason going to an external non-SSL site. removing the plugin and everything is back to normal. thanks all