How to activate HTTPS connection on a PHP/APACHE local server (LOCALHOST)

in utopian-io •  3 months ago

What Will I Learn?

  • You will learn how to create a SELF SIGNED SSL CERTIFICATE
  • You will learn how to activate HTTPS Connection on your Local Server

Requirements

  • A PHP/APACHE SERVER (WAMP)
  • A PHP OPEN SSL EXTENSION

Difficulty

  • Intermediate

Tutorial Contents

Today, I am gonna teach us how to activate SSL (HTTPS) on our local server. Mind you, only self signed certificates can be activated on localhost , as all verified certifcates need a real domain name to be verified, so this tutorial will be in two sections. One will be on how to generate the certificate using a PHP script while the other will be procedures needed to be followed to activate SSL on your local host. SSL could be important on local host while working (in development) with certain API and remote connections that require HTTPS from the request point

A QUICK HINT:

To activate OPENSSL in WAMP

  • Open C:\wamp\bin\php\php7.1.9\php.ini
  • Uncomment the following line by removing the ; behind it
extension=php_openssl.dll

The above activates the OPENSSL extension.


PART ONE

How to Generate a Self Signed CErtificate

To get straight to the point , I will just pour the codes of the generating script below while I explain thereafter , then you can run it to generate your scripts

NOTE: Before this script can work, OPENSSL extension must be activated on your php server .

$config = array('config' => YOUR_SSL_CONFIG_FILE);
$privkey = openssl_pkey_new($config);
$CN = ''; //Country Code e.g `NG` for Nigeria
$STATE = ''; //STATE OR PROVINCE IN COUNTRY OF RESIDENCE e.g. WASHINGTON DC
$LN = ''; //NAME OF LOCALITY e.g. QUEENS BLVD
$ON = ''; //NAME OF ORGANISATION e.g. STEEMIT INC
$OUN = ''; //ORGANISATION UNIT e.g. Tech Support
$cN = ''; //YOUR NAME e.g. Dre Combs
$EA = ''; //EMAIL ADDRESS 
$
$data = array(
    "countryName" =>  $CN,
    "stateOrProvinceName" => $STATE,
    "localityName" => $LN,
    "organizationName" => $ON,
    "organizationalUnitName" => $OUN,
    "commonName" => $cN,
    "emailAddress" => $EA
);
$csr = openssl_csr_new($data, $privkey, $configP);
$duration = 100; //In days
$sslcert = openssl_csr_sign($csr, null, $privkey, $duration, $config);
openssl_x509_export($sslcert, $certstore);
$password = NULL;
openssl_pkey_export($privkey, $pkstore, $password, $config);
file_put_contents("certificate.cer", $certstore);
file_put_contents("privatekey.pem", $pkstore);

CODE EXPLANATION

The first two lines generates a key pair to work with while generating the code



The following lines with the variables and the $data array helps to create the certificate parameter.

Then we create the certificate with the variable $csr and then sign it with the variable $sslcert

The $password can be anything else but should not be empty , except NULL

Then we export the certificate and private key using openssl_x509_export() & openssl_pkey_export() with the result being stored in $certstore and &pkstore respectively

Then the results are stored to files certificate.cer & privatekey.pem respectively

After the above script is run, certificate.cer & privatekey.pem should be stored in the root folder of your script

PART TWO

The Second part of this tutorial deals with how you can now activate https connection on your PHP/APACHE server stack (WAMP in this case) using above self-signed certificate.

STEP 1:
  • Go to C:\wamp\bin\apache\apache2.4.27 (this address could vary , but you can always tweak this address with discretion)
  • Create a folder key
  • Copy certificate.cer & privatekey.pem from where where you created them and paste them in the new folder: key C:\wamp\bin\apache\apache2.4.27\key

STEP 2:

  • Open C:\wamp\bin\apache\apache2.4.27\conf\httpd.conf (this address could vary , but you can always tweak this address with discretion)
  • Uncomment the follwoing lines by removing the # behind them
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

STEP 3:

  • Open C:\wamp\bin\apache\apache2.4.27\conf\extra\httpd-ssl.conf
  • Find (Ctrl+F) <VirtualHost _default_:443>
  • Change all the conf below that line (in between # General setup for the virtual host & # SSL Engine Switch: to the below
DocumentRoot "c:/wamp/www"
ServerName localhost
ServerAdmin admin@example.com
ErrorLog "c:/wamp/bin/apache/apache2.4.27/logs/ssl/error.log"
TransferLog "c:/wamp/bin/apache/apache2.4.27/logs/ssl/access.log"

All the addresses above could vary , but you can always tweak with discretion

STEP 4:

  • GO TO C:\windows\system32
  • Copy the follwoing files ssleay32.dll & libeay32.dll
  • Go to C:\wamp\bin\php\php7.1.9\ and paste the copied files there

STEP 5:

  • RESTART YOUR SERVER , for WAMP , that will be RESTART ALL SERVICES
  • THEN TRY THIS ADDRESS IN YOUR BROWSER https://localhost


    Everything should work now.


    This means you can now access your local server via https://localhost/folder-name



Posted on Utopian.io - Rewarding Open Source Contributors

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Congratulations!,@akintunde Your post has been upvoted by Reach Out, which is proudly sponsored by @eturnerx. Our goal is to support Nigerian minnows on Steemit. Join our discord group https://discord.gg/NWAkKfn

Benefactor : @bleepcoin

Curator On Duty: Richie, the Manual Bot

We invite you to the @eoscafe community [https://discord.gg/wdUnCdE]

Thank you for the contribution It has been approved.


Need help? Write a ticket on https://support.utopian.io.
Chat with us on Discord.

[utopian-moderator]

Hey @akintunde I am @utopian-io. I have just upvoted you!

Achievements

  • Seems like you contribute quite often. AMAZING!

Utopian Witness!

Participate on Discord. Lets GROW TOGETHER!

Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x

@akintunde thanks for this tutorial, it was concise and educating. Gonna try it now

·

Alright then. Thanks for reading