I have tried searching for it online, but I got confused. I didn't get any clarity.
Develop a server using Node. js that is being served up using a localhost SSL certificate. Configure the Firefox web browser and the Postman API client to allow certificates that we have signed as the CA. Access the localhost with HTTPS securely from the browser or API client.
Add Multiple-Domain SSL to PHP Application: To install the Let's Encrypt certificate on multiple domains, click Add Domain and enter the domain names associated with your PHP website. Once done, click Install Certificate.
STEP BY STEP tutorial
Copied from the link:
Enabling SSL on WAMP
This step by step guide explains how you can enble SSL on WAMP.
Download WampServer 2.0 from here and install it to the default location (c:\wamp).
Now, we need to have a private/public key pair as well as a CA to sign our public key.
First, lets see how we can create a private/public key pair.
keytool -genkey -alias rpcert -keyalg RSA -keysize 1024 -dname "CN=identity-rp,L=SL,S=WS,C=LK" -keypass wso2key -keystore rpkeystore.jks -storepass wso2key
This will create a keystore [rpkeystore.jks] with public/private key pair.
My previous post explains how you can export your private key from the keystore. Just follow the steps given there and you'll end up with a file server.key, which is your private key.
Now, we need to sign our public certificate with a CA.
This - requires us to create a sample CA and following explains how to do that.
Here we use OpenSSL to build the required CA infrastructure. For Windows you can download Win32 OpenSSL v0.9.8g from here.
Once installed make sure you add C:\OpenSSL\bin [i.e [INSTALLED_LOCATION]\bin]
to the PATH env variable.
openssl req -x509 -newkey rsa:1024 -keyout cakey.pem -out cacert.crt
The above will creare a public/private key pair for our sample CA.
Now, we need to create a certificate signing request to our server.
Go to the folder where you created the keystore [rpkeystore.jks] and issue the following command.
keytool -certreq -v -alias rpcert -file csr.pem -keypass wso2key -storepass wso2key -keystore rpkeystore.jks
Now copy the csr.pem to the folder where you generated keys for the CA and issue the following command from there.
openssl x509 -req -days 365 -in csr.pem -CA cacert.crt -CAkey cakey.pem -CAcreateserial -out server.crt
By now we have all the requiured files.
cacert.crt --> CA public certificate server.crt --> Server public certificate signed by the CA server.key --> Server private key.
Copy all the above three files to c:\wamp\bin\apache\apache2.2.8\conf
assuming you installed WAMP to the default location.
Also edit c:\WINDOWS\system32\drivers\etc\hosts file and add the following entry.
127.0.0.1 identity-rp
If you could recall, when we creating the public certificate for our server, we created it for identity-rp.
Uncomment the following two lines.
LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-ssl.conf
Find Listen 80 and change it to Listen 12081 - that is our server is running on port number 12081.
Find ServerName and set it to ServerName identity-rp:12081.
Edit httpd-ssl.conf [C:\wamp\bin\apache\apache2.2.8\conf\extra]
Set Listen identity-rp:12444 - we are listening to port 12444 for secure communication.
Set
Set DocumentRoot "C:/wamp/www/"
Set ServerName identity-rp:12444
For the entire file find "C:/Program Files/Apache Software Foundation/Apache2.2" and replace with "C:/wamp/bin/apache/apache2.2.8".
Find SSLCertificateFile and set SSLCertificateFile "C:/wamp/bin/apache/apache2.2.8/conf/server.crt"
Find SSLCertificateKeyFile and set SSLCertificateKeyFile "C:/wamp/bin/apache/apache2.2.8/conf/server.key"
Find SSLCACertificateFile and set SSLCACertificateFile "C:/wamp/bin/apache/apache2.2.8/conf/cacert.crt"
Uncomment the line extension=php_openssl.dll
Now we are done - do a syntax check and start the apache server.
:> cd C:\wamp\bin\apache\apache2.2.8\bin :> httpd -t :> httpd --start
Type https://identity-rp:12444
on your browser - you'll see a certificate error at the brower - to avoid it install CA certificate in your browser.
The easy way for local host SSL / HTTPS communication (NOTE: THIS IS UNSAFE FOR EVERYTHING EXCEPT LOCAL HOST ON TRUSTED NETWORK):
Go save the following as c:/wamp/bin/php/php5.5.12/cacert.pem
or another path of your choosing (you'll need to remember the path for the next bit)
-----BEGIN CERTIFICATE----- MIIDBzCCAe+gAwIBAgIJAMoCZ6uI7u4zMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV BAMMD3d3dy5leGFtcGxlLmNvbTAeFw0xOTA4MTIxMzM4MTBaFw0yOTA4MDkxMzM4 MTBaMBoxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAK3y7R7lAlBHhoPLx2zvfv/mjSy1clk0HAaSgGDSpl6R Qs5WrIesS3hkfEoRrWkZOx2/B6bqPbrSsoGRwFrG5Qd5P5OXGZTS51xy9z/9raa7 sDH++z7UF6MvF0oATjGOjpIEtmMZMd+oePGghGrilNxE7sJBd8Y5tyMyhf2azk2B euRJoerhOot8QRkSYqqsUcfOp7K18LGmPKPUkc6guJsv/86GfXZrkQIudlkyvDsk sIXIj5wvJbZIDizF4NytyuGgIJxTlRmtAgwmcq8UXdnHBZjNyvCZ7ADO+LlvEvRn fSuDWYKs5MCcgUZkBUB2f3Quc6pCGULuK2nr+VPY0asCAwEAAaNQME4wHQYDVR0O BBYEFBTtO54yB99DIK0n2GBVJzKvLkY8MB8GA1UdIwQYMBaAFBTtO54yB99DIK0n 2GBVJzKvLkY8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKr+ZBse u+df6AG7qCm5NqmvxDVNloqLLIv8mQpUZrIuoWcpmFdXGcMKkpQD7B+mqxVaIfii JGuc+tuYCcc5n4M2SBawVsLeYK4y79QU+SHYdb2z5Fk105/T/p6SV6aK4lqxvnPL OQaOO+WHS3alITPk3tDRHJ68iR6KndXecl0hPTe7Y7e74/f94DCAeVK/QyKwkbOS 3pdA0f+AlGiTRaNjc3PFJRgNeUsvwGt0aP+MgimFSLyLpyZiXbux7OCOpKnjeWtO B3i3in9rnNg2ArpFKQ30bojddEN87bVORJmqgX92oEpS02e1/f72w538oD+F84Uc lKxvjPlcgIuU+sY= -----END CERTIFICATE-----
In php.ini
* un-comment and change:
curl.cainfo = "c:/wamp/bin/php/php5.5.12/cacert.pem"
php.ini
file is on your machine by running php --ini
in your CLI or creating a phpinfo file and loading it in browsercurl.cainfo =
should be set to wherever you saved your own cacert.pemIf you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With