Xampp installation
XAMPP Apache SSL Certificate Installation Manual for Windows Server
Table of Contents
- Prerequisites
- Certificate Preparation
- XAMPP Configuration
- Virtual Host Setup
- Testing and Verification
- Troubleshooting
Prerequisites
Before starting, ensure you have:
- XAMPP installed on Windows Server
- Administrative privileges on the server
- SSL certificate files (
.crt,.key, and optionally.ca-bundleor intermediate certificates) - Domain name pointing to your server's IP address
Certificate Preparation
Step 1: Organize Certificate Files
Create a dedicated folder for your SSL certificates:
C:\xampp\apache\conf\ssl\
Place your certificate files in this directory:
-
your-domain.crt(SSL certificate) -
your-domain.key(Private key) -
intermediate.crt(Intermediate/Chain certificate - if provided)
Step 2: Verify Certificate Files
Ensure your certificate files are in the correct format:
-
Certificate file: Should start with
-----BEGIN CERTIFICATE----- -
Private key: Should start with
-----BEGIN PRIVATE KEY-----or-----BEGIN RSA PRIVATE KEY-----
XAMPP Configuration
Step 3: Enable SSL Module
- Open XAMPP Control Panel as Administrator
- Stop Apache if it's running
- Navigate to
C:\xampp\apache\conf\httpd.conf - Find and uncomment (remove
#) the following line:Include conf/extra/httpd-ssl.conf - Also ensure the SSL module is loaded by uncommenting:
LoadModule ssl_module modules/mod_ssl.so
Step 4: Configure SSL Settings
- Open
C:\xampp\apache\conf\extra\httpd-ssl.conf - Locate the default SSL virtual host section (usually starts around line 104)
- Comment out or modify the default SSL virtual host to avoid conflicts
Virtual Host Setup
Step 5: Create Virtual Host Configuration
-
Open
C:\xampp\apache\conf\extra\httpd-vhosts.conf -
Add your HTTP virtual host (port 80):
<VirtualHost brspace.bankrakyat.com.my:80> ServerAdmin dev@dev.com DocumentRoot "C:/xampp/htdocs/brspace/www" ServerName brspace.bankrakyat.com.my ServerAlias brspace.bankrakyat.com.my ErrorLog "logs/brspace.local-error.log" CustomLog "logs/brspace.local-access.log" common DirectoryIndex index.php RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} <Directory "C:/xampp/htdocs/htdocs/brspace/www"> AllowOverride all Options FollowSymLinks MultiViews Require all granted </Directory> </VirtualHost> -
Add your HTTPS virtual host (port 443):
<VirtualHost brspace.bankrakyat.com.my:443> ServerAdmin dev@dev.com DocumentRoot "C:/xampp/htdocs/brspace/www" ServerName brspace.bankrakyat.com.my ServerAlias brspace.bankrakyat.com.my ErrorLog "logs/brspacessl.local-error.log" CustomLog "logs/brspacessl.local-access.log" common DirectoryIndex index.php <Directory "C:/xampp/htdocs/htdocs/brspace/www"> AllowOverride all Options FollowSymLinks MultiViews Require all granted </Directory> # SSL Engine Switch: SSLEngine on SSLCertificateFile C:\xampp\apache\conf\ssl\bundle.brspace.bankrakyat.com.my.crt SSLCertificateKeyFile C:\xampp\apache\conf\ssl\new.brspace.bankrakyat.com.my.key </VirtualHost>
Step 6: Enable Virtual Hosts
- Open
C:\xampp\apache\conf\httpd.conf - Find and uncomment:
Include conf/extra/httpd-vhosts.conf
Step 7: Enable Rewrite Module (for HTTP to HTTPS redirect)
In C:\xampp\apache\conf\httpd.conf, uncomment:
LoadModule rewrite_module modules/mod_rewrite.so
Testing and Verification
Step 8: Test Configuration
- Open Command Prompt as Administrator
- Navigate to
C:\xampp\apache\bin\ - Test Apache configuration:
You should see "Syntax OK"httpd.exe -t
Step 9: Restart Apache
- In XAMPP Control Panel, start Apache
- Check for any error messages in the control panel
Step 10: Verify SSL Certificate
- Open your browser and navigate to
https://brspace.bankrakyat.com.my - Check that:
- The site loads without SSL warnings
- The padlock icon appears in the address bar
- HTTP automatically redirects to HTTPS
Step 11: Online SSL Testing
Use online tools to verify your SSL installation:
- SSL Labs SSL Test:
https://www.ssllabs.com/ssltest/ - SSL Checker: Various online SSL checker tools
Troubleshooting
Common Issues and Solutions
Issue 1: "Cannot load SSL certificate"
Solution:
- Verify file paths in virtual host configuration
- Ensure certificate files have proper permissions
- Check that certificate files are not corrupted
Issue 2: "SSL handshake failed"
Solution:
- Verify that port 443 is open in Windows Firewall
- Check that no other service is using port 443
- Ensure SSL module is properly loaded
Issue 3: "Certificate chain incomplete"
Solution:
- Add intermediate certificate using
SSLCertificateChainFile - Ensure intermediate certificate is in the correct order
Issue 4: Mixed content warnings
Solution:
- Update all internal links to use HTTPS
- Check for hardcoded HTTP resources in your website
Log File Locations
- Apache Error Log:
C:\xampp\apache\logs\error.log - Custom Error Logs:
C:\xampp\apache\logs\your-domain-ssl-error.log - Custom Access Logs:
C:\xampp\apache\logs\your-domain-ssl-access.log
Useful Commands
# Test Apache configuration
C:\xampp\apache\bin\httpd.exe -t
# View loaded modules
C:\xampp\apache\bin\httpd.exe -M
# Check SSL certificate details
openssl x509 -in your-domain.crt -text -noout
Security Best Practices
- Keep certificates secure: Store certificate files in a protected directory
- Regular updates: Keep XAMPP and Apache updated
- Strong SSL configuration: Use modern protocols and ciphers only
- HSTS headers: Implement HTTP Strict Transport Security
- Regular certificate renewal: Monitor certificate expiration dates
- Backup certificates: Keep secure backups of your certificate files
This manual provides a complete guide for setting up SSL certificates with virtual hosts on XAMPP Apache in a Windows Server environment. Follow each step carefully and test thoroughly before deploying to production.