Friday, October 10, 2008

KB: XAMPP SSL Configuration on Ubuntu

XAMPP SSL Configuration on Ubuntu Linux.



This article assumes that you already have XAMPP installed on your system and that you will be using a self-signed certificate.

Create a Self-signed Certificate

1. In a directory of your choosing, create an RSA Private Key:
openssl genrsa -des3 -out server.key 1024
2. Create a certificate signing request (CSR):
openssl req -new -key server.key -out server.csr
3. Remove the passphrase. If you enable the passphrase, Apache will ask for the passphrase each time the web server is started:
cp server.key
openssl rsa -in -out server.key
4. Create the self-signed certificate:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
5. Copy the private key and certificate to your XAMPP installation. We will rename the files so they will not conflict with the existing XAMPP SSL certificates:
cp server.crt /opt/lampp/etc/ssl.crt/openeprs.crt
cp server.key /opt/lampp/etc/ssl.key/openeprs.key

Add a Virtual Host

1. Check that mod_ssl is enabled in [XAMPP_HOME]/etc/httpd.conf:
LoadModule ssl_module modules/
2. Add a virtual host, in this example "" by editing [XAMPP_HOME]/etc/extra/httpd-ssl.conf as follows:
# Add this line right before the default virtual host section
NameVirtualHost *:443

## SSL Virtual Host Context

 # General setup for the virtual host
 DocumentRoot "/opt/lampp/htdocs/"
 ServerAlias *

## openEPRS SSL Virtual Host Context

        ServerAlias *
        ServerAdmin admin@localhost

        DocumentRoot "/home/krdavis/Projects/openeprs/public/"

        DirectoryIndex index.php
        ErrorLog /opt/lampp/logs/openeprs.local.error.log
        CustomLog /opt/lampp/logs/openeprs.local.access.log combined

        SSLEngine on
        SSLCertificateFile /opt/lampp/etc/ssl.crt/openeprs.crt
        SSLCertificateKeyFile /opt/lampp/etc/ssl.key/openeprs.key

        <directory /home/krdavis/openeprs/projects/public>
                Options Indexes FollowSymLinks
                AllowOverride All
                Order allow,deny
                Allow from all

        BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
Note #1: The first vhost allows you to continue to access the XAMPP applications that are installed as part of the distribution. This vhost uses the original SSL certificate that is part of the XAMPP distributiuon.
Note #2: The second vhost uses the SSL certificate that was created previously.

3. Add the following two entries to /etc/hosts:
4. Open the XAMPP control panel and click "Stop" and then "Start XAMPP" to enable the new configuration.

To Top