How to setup http protocol with SSL on LAMP environment

Featured Image

Today I’ll explain how to setup testing environment with https protocol on Ubuntu. It should take around 10-15 minutes to do it manually. I assume you have installed LAMPP on your development PC.

First thing first. We’ll need an SSL certificate to even begin. So I’ll explain how to create self-signed SSL certificate. There are even free trusted SSL certificates out there, but i haven’t tried them. 😀 You can look it up here: and But lets go back on topic of creating it by ourselves.

Open up the Console, and type in the following:

  • openssl genrsa -aes256 -out pass.key 2048

it will ask you for password, so you should provide one

  • openssl rsa -in pass.key -out oursite.key

it will ask you for the password you entered for initial key generation, and if everything goes well, it will generate the key

  • openssl req -new -x509 -nodes -sha1 -key oursite.key -out oursite.crt -days 999 -config /opt/lampp/share/openssl/openssl.cnf

note that this is the part where we create our actual certificate (oursite.crt), and also, change the last part according to your LAMPP installation. Also, this part will ask you for some information about the certificate itself.

Note: also, you can insert a dot to leave the field empty.

Next part will be the about actual setup.So we need to navigate to /opt/lampp/etc and copy our key (oursite.key) and crt files (oursite.crt) to according folders (ssl.key and ssl.crt).

After that navigate to /opt/lampp/etc/extra and edit the “httpd-ssl.conf” file. Insert this fragment at the end of the file:

<virtualhost oursite:443>
DocumentRoot /oursite/project/root/directory
ServerName oursite:443
ServerAdmin you@oursite
ErrorLog /opt/lampp/logs/error_log
TransferLog /opt/lampp/logs/access_log
SetEnv APPLICATION_ENV development
SSLEngine on
SSLCertificateFile /opt/lampp/etc/ssl.crt/oursite.crt
SSLCertificateKeyFile /opt/lampp/etc/ssl.key/oursite.key
<filesmatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
<directory "/oursite/project/root/directory">
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /opt/lampp/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

This part is pretty much self-explained, so please edit it for your specific case. Now, you should navigate to httpd.conf file (/opt/lampp/etc directory in my case), and see if this line is commented “#Include conf/extra/httpd-ssl.conf”. If it is, uncomment it.

Only thing left to do is to navigate to hosts file (/etc/hosts) and add a line at the end as follows:          oursite

Save everything if you still haven’t and restart apache.

Open up your favourite web broser and enter our new url: https://oursite

After confirming the certificate, everything is done. I hope I’ve learned you something new today. 😉

1 comment

  1. Hi,
    a very good explanation. Worked at first try. But how can i force users to go via ssl? (redirect from http to https per rewrite dont work for lampp)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <blockquote cite=""> <code> <del datetime=""> <em> <s> <strike> <strong>. You may use following syntax for source code: <pre><code>$current = "Inchoo";</code></pre>.