XAMPP - Let's Encrypt SSL Installation

If you currently run Apache (or the other distributions such as XAMPP and Wamp Server) on Windows which is hosted as a virtual machine in some cloud based server, then this guide is for you.

Prerequisites

  • XAMPP installed on your Windows Server.

  • A registered domain pointing to your server's IP address (via DNS A record).

  • Port 80 (HTTP) and 443 (HTTPS) open in firewall.

Step-by-Step Guide

Download win-acme

Before we go on, Create a new folder called “apache-certs” on your C-drive.

You need to make sure your webroot is allowing .well-known/acme-challenge/ to be publicly accessible. If this folder is not available under the website directory then you need to create it and then win-acme will automatically create the required txt files for verification.

Generate the SSL Certificate

  • Open Command Prompt as Administrator.

  • Navigate to the win-acme folder:

  1. “M” - Create new certificate

  2. “1” - Manually input host names

  3. “Enter your domain name here”

  4. “Enter” - Just click enter to confirm again

  5. “5” - Save file on local or network path

  6. “C:\xampp\htdocs” - Your site root folder (C:\xampp\htdocs\<domain name>)

  7. “y” - Default config settings

  8. “2” - Choosing CSR

  9. “3”- Write .pem files

  10. “C:\apache-certs” - The reason we created the folder.

  11. “3” - No extra steps

  12. “1” - No extra steps

  13. “Enter e-mail” - Enter your email adres

  14. “Y” - Opens some docs

  15. “Y” - Ofcourse we agree

Your SSL Files should now be created and placed in your “C:\apache-certs” folder and you see something like this on your console:

The hard part is now over.

Now we need to configure Apache to be able to use the SSL-Files. Before we start this please make a new folder on your C:\ Drive named “Logs”.

Configuring Apache

To use certificates obtained with the help of WACS with the Apache 2.4 server, you need to make settings in Apache\conf\extra\httpd-vhosts.conf file; you could also make these changes in the \Apache24\conf\extra\httpd-ssl.conf file as well instead if you so wish.

Updating C:\xampp\apache\conf\extra\httpd-ssl.conf

Replace the certificate file paths with your actual file locations.

<VirtualHost *:443>
    ServerName urc.ac.in
    DocumentRoot "C:/xampp/htdocs/<domain name>"

    SSLEngine on
    SSLCertificateFile "C:/ProgramData/win-acme/.../cert.pem"
    SSLCertificateKeyFile "C:/ProgramData/win-acme/.../privkey.pem"
    SSLCertificateChainFile "C:/ProgramData/win-acme/.../fullchain.pem"

    <Directory "C:/xampp/htdocs/<domain name>">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Step 4: Enable SSL in Apache

Open C:\xampp\apache\conf\httpd.conf and make sure these lines are uncommented:

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf -> Not required, Disable if error occurs

Configure C:\xampp\apache\conf\extra\httpd-vhosts.conf

<VirtualHost *:443>
    ServerName urc.ac.in
    DocumentRoot "C:/xampp/htdocs/<domain name>"

    SSLEngine on
    SSLCertificateFile "C:/ProgramData/win-acme/.../cert.pem"
    SSLCertificateKeyFile "C:/ProgramData/win-acme/.../privkey.pem"
    SSLCertificateChainFile "C:/ProgramData/win-acme/.../fullchain.pem"

    <Directory "C:/xampp/htdocs/<domain name>">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Enable Virtual Hosts in Apache

In httpd.conf (main Apache config), make sure this line is uncommented:

Include conf/extra/httpd-vhosts.conf

Listen 0.0.0.0 443
Or
Listen <Public IP> 443

Load the Required Apache Module

Open this file:

C:\xampp\apache\conf\httpd.conf

Find this line (or similar):

#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Uncomment it by removing the #:

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Make Sure These Modules Are Enabled Too

In httpd.conf, make sure these are also uncommented:

LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-vhosts.conf

Force Redirect HTTP → HTTPS

Add this to your .htaccess file in:

C:\xampp\htdocs\<domain>\.htaccess
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Opening the Port in Windows Firewall Security.

Search for Windows Firewall Security for Windows and Open it.

Click on Inbound Rule, and follow the below steps:

  • Click on New Rule from the right panel

  • Select Port, Hit Next

  • Click on TCP and Give Specific Port number as 443,80

  • Allow all connection

  • Check on Domain, private and Public

  • Give the respective name and Click Finish

  • And then, repeat the same steps for Outbound Rules and Finish

Troubleshooting Commands

Check Errors: C:\xampp\apache\logs\error.log

netstat -an | findstr :443

You should now see something like:
TCP    0.0.0.0:443   0.0.0.0:0   LISTENING

REFERENCES

PreviousExport Leaf, Root, and Intermediate FilesNextJBoss Web Server: CSR Generation

Last updated

Was this helpful?