XAMPP - Let's Encrypt SSL Installation

If you currently run Apache (or the other distributions such as XAMPP and Wamp Server) on Windows which is hosted as a virtual machine in some cloud based server, then this guide is for you.

Prerequisites

• XAMPP installed on your Windows Server.

• A registered domain pointing to your server's IP address (via DNS A record).

• Port 80 (HTTP) and 443 (HTTPS) open in firewall.

Step-by-Step Guide

Download win-acme

• Go to https://www.win-acme.com/

• Download the latest version (x64 recommended).

• Extract it to a folder, e.g., C:\win-acme\

Before we go on, Create a new folder called “apache-certs” on your C-drive.

You need to make sure your webroot is allowing .well-known/acme-challenge/ to be publicly accessible. If this folder is not available under the website directory then you need to create it and then win-acme will automatically create the required txt files for verification.

Generate the SSL Certificate

• Open Command Prompt as Administrator.

• Navigate to the win-acme folder:

1. “M” - Create new certificate

2. “1” - Manually input host names

3. “Enter your domain name here”

4. “Enter” - Just click enter to confirm again

5. “5” - Save file on local or network path

6. “C:\xampp\htdocs” - Your site root folder (C:\xampp\htdocs\<domain name>)

7. “y” - Default config settings

8. “2” - Choosing CSR

9. “3”- Write .pem files

10. “C:\apache-certs” - The reason we created the folder.

11. “3” - No extra steps

12. “1” - No extra steps

13. “Enter e-mail” - Enter your email adres

14. “Y” - Opens some docs

15. “Y” - Ofcourse we agree

Your SSL Files should now be created and placed in your “C:\apache-certs” folder and you see something like this on your console:

The hard part is now over.

Now we need to configure Apache to be able to use the SSL-Files. Before we start this please make a new folder on your C:\ Drive named “Logs”.

Configuring Apache

To use certificates obtained with the help of WACS with the Apache 2.4 server, you need to make settings in Apache\conf\extra\httpd-vhosts.conf file; you could also make these changes in the \Apache24\conf\extra\httpd-ssl.conf file as well instead if you so wish.

Updating C:\xampp\apache\conf\extra\httpd-ssl.conf

Replace the certificate file paths with your actual file locations.

<VirtualHost *:443>
    ServerName urc.ac.in
    DocumentRoot "C:/xampp/htdocs/<domain name>"

    SSLEngine on
    SSLCertificateFile "C:/ProgramData/win-acme/.../cert.pem"
    SSLCertificateKeyFile "C:/ProgramData/win-acme/.../privkey.pem"
    SSLCertificateChainFile "C:/ProgramData/win-acme/.../fullchain.pem"

    <Directory "C:/xampp/htdocs/<domain name>">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Step 4: Enable SSL in Apache

Open C:\xampp\apache\conf\httpd.conf and make sure these lines are uncommented:

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf -> Not required, Disable if error occurs

Configure C:\xampp\apache\conf\extra\httpd-vhosts.conf

<VirtualHost *:443>
    ServerName urc.ac.in
    DocumentRoot "C:/xampp/htdocs/<domain name>"

    SSLEngine on
    SSLCertificateFile "C:/ProgramData/win-acme/.../cert.pem"
    SSLCertificateKeyFile "C:/ProgramData/win-acme/.../privkey.pem"
    SSLCertificateChainFile "C:/ProgramData/win-acme/.../fullchain.pem"

    <Directory "C:/xampp/htdocs/<domain name>">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Enable Virtual Hosts in Apache

In httpd.conf (main Apache config), make sure this line is uncommented:

Include conf/extra/httpd-vhosts.conf

Listen 0.0.0.0 443
Or
Listen <Public IP> 443

Load the Required Apache Module

Open this file:

C:\xampp\apache\conf\httpd.conf

Find this line (or similar):

#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Uncomment it by removing the #:

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Make Sure These Modules Are Enabled Too

In httpd.conf, make sure these are also uncommented:

LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-vhosts.conf

Force Redirect HTTP → HTTPS

Add this to your .htaccess file in:

C:\xampp\htdocs\<domain>\.htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Opening the Port in Windows Firewall Security.

Search for Windows Firewall Security for Windows and Open it.

Click on Inbound Rule, and follow the below steps:

• Click on New Rule from the right panel

• Select Port, Hit Next

• Click on TCP and Give Specific Port number as 443,80

• Allow all connection

• Check on Domain, private and Public

• Give the respective name and Click Finish

• And then, repeat the same steps for Outbound Rules and Finish

Troubleshooting Commands

Check Errors: C:\xampp\apache\logs\error.log

netstat -an | findstr :443

You should now see something like:
TCP    0.0.0.0:443   0.0.0.0:0   LISTENING

---

REFERENCES

• https://community.letsencrypt.org/t/setting-up-ssl-on-xampp/97512/8