Create a trusted SSL in localhost on XAMPP

97 Likes Comment
SSL CERT in localhost on xampp

Chrome browser updates has become a burden for local development. Not only they decided to disable .dev domain for local development, they also really have specific configuration in SSL Cert to show the site as secure.

In this step by step tutorial I will try to explain  the walk-through to create SSL cert locally to be used in XAMPP in Windows.

In my XAMPP install I basically  have a clone to all the site that I managed.  And All of them (of course) use SSL/HTTPS.

Here’s the step by  step guide:

In this step we are going to crate SSL and setup “site.test” website.

1. Navigate to Apache directory in XAMPP.

In regular install it’s in C:\xampp\apache.

2. Create a folder in that page.

This is where we will store our cert. In this example I will create “crt” folder. So we will have C:\xampp\apache\crt

3. Add this files.

  • cert.conf
  • make-cert.bat
[ req ]

default_bits        = 2048
default_keyfile     = server-key.pem
distinguished_name  = subject
req_extensions      = req_ext
x509_extensions     = x509_ext
string_mask         = utf8only

[ subject ]

countryName                 = Country Name (2 letter code)
countryName_default         = US

stateOrProvinceName         = State or Province Name (full name)
stateOrProvinceName_default = NY

localityName                = Locality Name (eg, city)
localityName_default        = New York

organizationName            = Organization Name (eg, company)
organizationName_default    = Example, LLC

commonName                  = Common Name (e.g. server FQDN or YOUR name)
commonName_default          = {{DOMAIN}}

emailAddress                = Email Address
emailAddress_default        = [email protected]

[ x509_ext ]

subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid,issuer

basicConstraints       = CA:FALSE
keyUsage               = digitalSignature, keyEncipherment
subjectAltName         = @alternate_names
nsComment              = "OpenSSL Generated Certificate"

[ req_ext ]

subjectKeyIdentifier = hash

basicConstraints     = CA:FALSE
keyUsage             = digitalSignature, keyEncipherment
subjectAltName       = @alternate_names
nsComment            = "OpenSSL Generated Certificate"

[ alternate_names ]

DNS.1       = site.test

The make-cert.bat file content like this:

@echo off
set /p domain="Enter Domain: "
set OPENSSL_CONF=../conf/openssl.cnf

if not exist .\%domain% mkdir .\%domain%

..\bin\openssl req -config cert.conf -new -sha256 -newkey rsa:2048 -nodes -keyout %domain%\server.key -x509 -days 3650 -out %domain%\server.crt

echo.
echo -----
echo The certificate was provided.
echo.
pause

4. Edit cert.conf and Run make-cert.bat

Change {{DOMAIN}} text using the domain we want to use, in this case site.test and save.

Double click the make-cert.bat and input the domain site.test when prompted. And just do enter in other question since we already set the default from cert.conf.

5. Install the cert in windows.

After that, you will see site.test folder created. In that folder we will have server.crt and server.key. This is our SSL certificate.

Double click on the server.crt to install it on Windows so Windows can trust it.

And then select Local Machine as Store Location.

And then Select “Place all certificate in the following store” and click browse and select Trusted Root Certification Authorities.

Click Next and Finish.

And now this cert is installed and trusted in Windows. Next is how how to use this cert in XAMPP.

6. Add the site in Windows hosts

  1. Open notepad as administrator.
  2. Edit C:\Windows\System32\drivers\etc\hosts (the file have no ext)
  3. Add this in a new line:
127.0.0.1 site.test

This will tell windows to load XAMPP when we visit http://site.test You can try and it will show XAMPP dashboard page.

7. Add the site in XAMPP conf.

We need to enable SSL for this domain and let XAMPP know where we store the SSL Cert. So we need to edit C:\xampp\apache\conf\extra\httpd-xampp.conf

And add this code at the bottom:

## site.test
 <VirtualHost *:80>
     DocumentRoot "C:/xampp/htdocs"
     ServerName site.test
     ServerAlias *.site.test
 </VirtualHost>
 <VirtualHost *:443>
     DocumentRoot "C:/xampp/htdocs"
     ServerName site.test
     ServerAlias *.site.test
     SSLEngine on
     SSLCertificateFile "crt/site.test/server.crt"
     SSLCertificateKeyFile "crt/site.test/server.key"
 </VirtualHost>
After that, you will need to restart Apache in XAMPP.  It’s very simple, simply open XAMPP Control Panel and Stop and re-Start Apache Module.

Tips: In XAMPP conf, as you can see you can change the domain root directory if needed. Eg. as sub-dir in htdocs.

8. Restart your browser and Done!

This is required to load the certificate. And visit the domain on your browser, and you will see green lock!

I hope this tutorial is useful!

shared by: shellcreeper dot com

You might like

Avatar

About the Author: Toc Xoan

Leave a Reply

Your email address will not be published. Required fields are marked *