XAMPP SSL Certificates - general information

Problems with the Windows version of XAMPP, questions, comments, and anything related.

XAMPP SSL Certificates - general information

Postby cthugr » 29. December 2009 11:55


I am trying to setup a XAMPP 1.7.3 installation in order to use SSL certificates (both server & client) in Windows Vista 32-bit edition. I've browsed the forum and I've found bits of information here and there, but what I need (if possible) is a brief description of each of the necessary steps of the procedure. XAMPP comes with SSL support already activated, so I've tested that https works fine. The topics that I need help/directions are:

-Create a CA
-Create the server key & certificate
-Create the client key & certificate (do I need only 1?)
-Implement the above in a PHP login page

Thank you in advance,

Posts: 2
Joined: 29. December 2009 10:15

Re: XAMPP SSL Certificates - general information

Postby Izzy » 29. December 2009 22:49

There is a bat file in the \xampp\apache folder called makecert.bat file that will help with your goal.
The locations and example ssl keys etc are all in the \xampp\apache\conf folder.

Here are a few links that are worth a read:
http://www.instantssl.com/ssl-certifica ... d_ssl.html

More from this web search.
http://www.google.com/search?q=generati ... with+xampp

A good source for a free SSL certificate and that's cheap, can be found here:
The site needs to be read thoroughly to understand what is on offer (a free SSL Certificate).

I am not sure what you mean by implementing the above in a php login page as that side of the equation deals with Authentication, Authorization and Access Control:

Once again life can be made easy with XAMPP by using the \xampp\apache\bin\htpasswd.exe file mentioned in the above link to create user/pass combos - or there are specific pre-made php scripts out there specifically for your needs - www.hotscripts.com is a good place to start.
Posts: 3344
Joined: 25. April 2006 17:06

Re: XAMPP SSL Certificates - general information

Postby cthugr » 01. January 2010 23:07


thank you for your reply Izzy!

What I am trying to do is to ask the client for its certificate everytime he tries to connect to the server. From what I understand the steps for this process are those that I have described in my first post. I have found the following commands in the apache-ssl.org site:

Now I've got my server installed, how do I create a test certificate?

Step one - create the key and request:

openssl req -new > new.cert.csr

Step two - remove the passphrase from the key (optional):

openssl rsa -in privkey.pem -out new.cert.key

Step three - convert request into signed cert:

openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365

The Apache-SSL directives that you need to use the resulting cert are:

SSLCertificateFile /path/to/certs/new.cert.cert
SSLCertificateKeyFile /path/to/certs/new.cert.key

How do I create a client certificate?

Step one - create a CA certificate/key pair, as above.

Step two - sign the client request with the CA key:

openssl x509 -req -in client.cert.csr -out client.cert.cert -signkey my.CA.key -CA my.CA.cert -CAkey my.CA.key -CAcreateserial -days 365

Step three - issue the file 'client.cert.cert' to the requester.

The Apache-SSL directives that you need to validate against this cert are:

SSLCACertificateFile /path/to/certs/my.CA.cert
SSLVerifyClient 2

The point is that I am not sure about what should I do first, etc. Do I need to first create the CA, then the server cert & key and then the client cert & key in this order? Some command line examples would surely help! Thank you in advance,

Posts: 2
Joined: 29. December 2009 10:15

Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 71 guests