How to instal SSL on XAMPP and make a website secure with HTTPS

How to instal SSL on XAMPP and make a website secure with HTTPS

XAMPP, ideally a developer’s tool is seldom used to host a real website. But there can be situations otherwise, when you would want to host a real website on XAMPP. The challenge comes when you want to install an SSL certificate and make the website work with https. While there are simple steps to install an SSL certificate on a website that is hosted with cPanel, Plesk or other popular panel or even directly on Apache or IIS – the same process does not apply to XAMPP. Well this should not put you down because this certainly is doable and as you read through this post, you would be able to make your XAMP hosted website work with https. Read on:

I assume you have already procured the SSL certificate you need and if not, you may do so from here.

Now let’s follow these simple steps to get SSL activated for your domain hosted in XAMPP:

Step 1. Add the SSL certificate and the private key to Apache in XAMPP.

You need to add the SSL certificate and the private key into XAMPP for it to work. It may be added to the following locations:

Save the SSL File to c:/xampp/conf/ssl.crt/<SSLFILE.CRT>

and the private key to c:/xampp/conf/ssl.key/<KEYFILE.KEY>

Replace SSLFILE.CRT and KEYFILE.KEY with actual files.

2. Configure apache in XAMPP with the URL you are using.

Open c:/xampp/apache/conf/extra/httpd-vhost.conf – assuming c:/xampp is your xampp installation directory.

Update or add records as per the following:

HTTP
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/myproject/web"
ServerName www.YOURDOMAIN.com
<Directory "C:/xampp/htdocs/YOUR-WEB-FOLDER">
Options All
AllowOverride All
Require all granted
</Directory>
</VirtualHost>

HTTPS
<VirtualHost *:443>
DocumentRoot "C:/xampp/htdocs/YOUR-WEB-FOLDER"
ServerName YOURDOMAIN.com
ServerAlias www.YOURDOMAIN.com
SSLEngine on
SSLCertificateFile "conf/ssl.crt/SSLFILE.crt"
SSLCertificateKeyFile "conf/ssl.key/SSLKEY.key"
<Directory "C:/xampp/htdocs/YOUR-WEB-FOLDER">
Options All
AllowOverride All
Require all granted
</Directory>
</VirtualHost>

Since we are using virtual hosts, we need to enable the same in c:/apache/conf/httpd.conf. Doing this is simple, you just need to ensure that “Include conf/extra/httpd-vhosts.conf” is not commented out.

3. Ensure that XAMPP is running and port 443 is on and also ensure that you are able to ping the IP from domain name and it should work perfectly.

Feel free to ask us if you face any hurdles in the process. Enjoy a secured website!