Channel: WampServer - WampServer English

Implementing HTTPS over a LAN (no replies)

Implementing HTTPS over a LAN with Wamp

Hi everyone

I've been struggling to implement HTTPS in Wamp-powered websites over a LAN (Local Area Network)

The requirement is the following
        Computer1 hosts one or several Wamp-powered websites
                <www_root>\path1a\
                <www_root>\path1b\
                ...
        accessible through
                [computer1-name]
                [computer1-name]
                ...

        Computer2 hosts one or several Wamp-powered websites
                <www_root>\path2a\
                <www_root>\path2b\
                ...
        accessible through
                [computer2-name]
                [computer2-name]
                ...

        etc.

Note that paths *may* be the same, e.g. path1a=path2a, which allows testing the same site under different settings, e.g.
                [computer1-name]
                [computer2-name]

Problems to solve
        How to let one computer see another computer's sites, without using IPs (which are subject to change as we all know)?
        How to get this working through HTTPS and without permanent "security warnings" from Edge/Chrome/Firefox/Safari/... ?

I came up with a complete, working solution that I wish to share

Enjoy
NL

WAMPSERVER INSTALLATION DETAILS
        Windows 11 Home 25H2 up-to-date
        Wampserver 3.4.0
        Installation directory: D:\wamp
        WWW root directory: D:\wamp\www
        Apache 2.4.65, meaning that the Apache directory is
                D:\wamp\bin\apache\apache2.4.65\bin
        Adapt the following to your needs if different


MAIN IDEA
        Because of the LAN sticky access requirement, neither IPs (not sticky) nor localhost (not networkable) can be used.

        The built-in Wamp HTTPS specific settings cannot be used either.
        Trying to do so just destroyed the installation (parse errors, conf errors, etc.).
        Indeed, it could not be recovered, neither by reinstalling (rejected by the installer because of an existing installation!) nor by the tools provided on the Wampserver official site.

        A working solution is obtained by complying with the following rules:
                1. Do not use the tray icon for *setting* anything, only use it as checking interface
                2. Always edit configuration files yourself and run commands yourself from an admin CMD or PS prompt
                3. Most important: let the entire HTTPS configuration be stored in a conf file that is understood by Apache but ignored by Wamp (!)

SSL VIRTUAL HOSTS SETUP
        Hereafter "wamp-computer" refers to any of the above computers running Wampserver, with Windows name "wamp-computer-name" and IP "wamp-computer-ip"
        Repeat all tasks below for each computer running Wampserver

        During the following steps ensure that
                1. Wampserver is NOT running
                2. the Windows account that you use has Administrator privileges, in order to be able to run anything "as administrator"

        Reminder for newbies :)
                "run as administrator" is an execution context that is granted to accounts which have Administrator privileges.
                Thereby it is *not* a change of user!
                Of course, the built-in Administrator account has Administrator privileges, hence can run anything "as administrator"
                If an account has no Administrator privileges and tries to run something "as administrator", it will be prompted to enter the credentials of an account which does.

        The following steps allow implementing HTTPS in two different but compatible configurations
                1. Implement a master SSL virtual host
                        [wamp-computer-name]
                yielding (almost) the same output
                        [localhost]
                as a default Wamp installation, but *only* when opened from the wamp-computer itself.
                Here the Apache DocumentRoot (on the wamp-computer) is
                        d:/wamp/www

                2. Implement a specific SSL virtual host
                        [myvirtualhost]
                yielding (almost) the same output
                        [myvirtualhost]
                as a default Wamp installation, but *only* when opened from the wamp-computer itself.
                Here the Apache DocumentRoot (on the wamp-computer) is
                        d:/wamp/www/myvirtualhost

        It is perfectly possible to implement only *one* of these configurations.
        However the choice has been made to implement configuration 1, with an option to implement configuration 2 additionally.


PLEASE NOTE THAT THE STEP ORDER IS CRITICAL!


[STEP 1a] ON THE WAMP-COMPUTER
Edit (as administrator)
        C:\Windows\System32\drivers\etc\hosts
as follows
#WAMP
        127.0.0.1 localhost
        ::1 localhost

#Irrespective of the creation of a master SSL virtual host
        127.0.0.1 wamp-computer-name
        ::1 wamp-computer-name

#For each specific SSL virtual host (if any)
        127.0.0.1 myvirtualhost
        ::1 myvirtualhost

#For each other computer on the LAN
        other-computer-ip other-computer-name


[STEP 1b] ON EACH OTHER COMPUTER ON THE LAN
Edit (as administrator)
        C:\Windows\System32\drivers\etc\hosts
as follows
#WAMP
        127.0.0.1 localhost
        ::1 localhost

#For the wamp-computer, irrespective of the creation of a master SSL virtual host
        wamp-computer-ip wamp-computer-name


[STEP 2] ON THE WAMP-COMPUTER
Edit (as administrator)
        D:\wamp\wampmanager.conf
and ensure that
        NotVerifyHosts = "on"

This is mandatory to prevent Wampserver from overriding "C:\Windows\System32\drivers\etc\hosts"


[STEP 3] ON THE WAMP-COMPUTER
From Windows search bar type
        Windows Defender Firewall with Advanced Security (in English)
        Pare-Feu Windows Defender avec fonctions avancées de sécurité (in French)
and click
        "Execute as administrator" (in English)
        "Exécuter en tant qu'administrateur" (in French)

Then, in the Firewall console
        Click "Inbound Rules"
        Click "New Rule..."
        Select Port "TCP"
        In "Specific local ports," enter "443"
        Select "Allow the connection"
        Ensure that ONLY "Private" and "Public/Domain" are checked
        Click "Finish"

This will allow other computers from the LAN to see [wamp-computer-name] and websites under it, because HTTPS operates on port 443


[STEP 4] ON THE WAMP-COMPUTER: FOR THE MASTER SSL VIRTUAL HOST AND FOR EACH SPECIFIC SSL VIRTUAL HOST (IF ANY)
Open an admin CMD prompt on
        D:\wamp\bin\apache\apache2.4.65\bin
and execute
        openssl req -x509 -newkey rsa:2048 -keyout ../conf/key/wamp-computer-name.key -out ../conf/key/wamp-computer-name.crt -days 3650 -nodes -subj "/CN=wamp-computer-name" -addext "subjectAltName=DNS:wamp-computer-name,DNS:localhost,IP:127.0.0.1" -config ../conf/openssl.cnf

REMARK. The certificate lifespan lies in the "-days 3650" switch, standing for 10 years. Other possibilities are
        "-days 365" (1 year) to stay on the safe side
        "-days 825" (roughly 2.2 years) because some browsers would throw a "Security Warning" beyond this threshold

For a specific SSL virtual host replace "wamp-computer-name" by "myvirtualhost" in the above.


[STEP 5] ON THE WAMP-COMPUTER
Edit (as administrator)
        D:\wamp\bin\apache\apache2.4.65\conf\httpd.conf
as follows
        #Turn standard SSL port 443 into a configuration variable
        #(must be defined before the Include below, whose file uses it)
        Define SSLPORT443 443

        #Enforce listening to reconfigured SSL port
        Listen 0.0.0.0:${SSLPORT443}
        Listen [::0]:${SSLPORT443}

        # SSL Virtual hosts (ignored by Wamp)
        Include conf/extra/httpd-vhosts-ssl.conf

=> this *points* to the conf file that is "understood by Apache but ignored by Wamp" :)


[STEP 6] ON THE WAMP-COMPUTER: FOR EACH SPECIFIC VIRTUAL HOST (IF ANY)
Edit (as administrator)
        D:\wamp\bin\apache\apache2.4.65\conf\extra\httpd-vhosts.conf
as follows
<VirtualHost *:80>
        ServerName myvirtualhost
        DocumentRoot "d:/wamp/www/myvirtualhost"
        <Directory "d:/wamp/www/myvirtualhost/">
                Options +Indexes +Includes +FollowSymLinks +MultiViews
                AllowOverride All
                Require local
        </Directory>
</VirtualHost>

This is actually the standard setting for a specific non-SSL virtual host


[STEP 7a] ON THE WAMP-COMPUTER: FOR THE MASTER SSL VIRTUAL HOST
Edit (as administrator)
        D:\wamp\bin\apache\apache2.4.65\conf\extra\httpd-vhosts-ssl.conf
as follows
<VirtualHost *:${SSLPORT443}>
        ServerName wamp-computer-name
        # Master Root of all projects
        DocumentRoot "D:/wamp/www"

        <Directory "D:/wamp/www/">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
        </Directory>

        # Master Root certificate
        SSLEngine on
        SSLCertificateFile "D:/wamp/bin/apache/apache2.4.65/conf/key/wamp-computer-name.crt"
        SSLCertificateKeyFile "D:/wamp/bin/apache/apache2.4.65/conf/key/wamp-computer-name.key"
</VirtualHost>

=> this *is* the conf file that is "understood by Apache but ignored by Wamp" :)


[STEP 7b] ON THE WAMP-COMPUTER: FOR EACH SPECIFIC SSL VIRTUAL HOST (IF ANY)
Edit (as administrator)
        D:\wamp\bin\apache\apache2.4.65\conf\extra\httpd-vhosts-ssl.conf
as follows
<VirtualHost *:${SSLPORT443}>
        ServerName myvirtualhost

        # Root of specific SSL virtual host
        DocumentRoot "d:/wamp/www/myvirtualhost"

        <Directory "d:/wamp/www/myvirtualhost/">
                Options +Indexes +Includes +FollowSymLinks +MultiViews
                AllowOverride All
                Require local
        </Directory>

        # Certificate of specific SSL virtual host
        SSLEngine on
        SSLCertificateFile "d:/wamp/bin/apache/apache2.4.65/conf/key/myvirtualhost.crt"
        SSLCertificateKeyFile "d:/wamp/bin/apache/apache2.4.65/conf/key/myvirtualhost.key"
</VirtualHost>


[STEP 8a] ON THE WAMP-COMPUTER: FOR THE MASTER SSL VIRTUAL HOST AND FOR EACH SPECIFIC SSL VIRTUAL HOST (IF ANY)
Browse to
        D:\wamp\bin\apache\apache2.4.65\conf\key
then double-click
        wamp-computer-name.crt
and store it for
        Local Computer
in location
        Trusted Root Certification Authorities

For a specific SSL virtual host replace "wamp-computer-name" by "myvirtualhost" in the above.


[STEP 8b] ON EACH OTHER COMPUTER ON THE LAN: FOR THE MASTER SSL VIRTUAL HOST AND FOR EACH SPECIFIC SSL VIRTUAL HOST (IF ANY)
Make sure "D:\" has been shared as data_d on wamp-computer
Browse to
        \\wamp-computer-name\data_d\wamp\bin\apache\apache2.4.65\conf\key
then double-click
        wamp-computer-name.crt
and store it for
        Local Computer
in location
        Trusted Root Certification Authorities

For a specific SSL virtual host replace "wamp-computer-name" by "myvirtualhost" in the above (except in the network path of course)


[STEP 9a] ON THE WAMP-COMPUTER: FOR THE MASTER SSL VIRTUAL HOST AND FOR EACH SPECIFIC SSL VIRTUAL HOST (IF ANY)
In Firefox, open the Certificate Manager
        Settings > Privacy & Security > View Certificates
Ensure the "Authorities" tab is selected
Click the "Import..." button and browse to
        D:\wamp\bin\apache\apache2.4.65\conf\key\wamp-computer-name.crt
In the "Downloading certificate" dialog, select both options
        Trust this CA to identify websites
        Trust this CA to identify email users
then click OK once to close the "Downloading certificate" dialog, and once again to close the "Certificate Manager" dialog

For a specific SSL virtual host replace "wamp-computer-name" by "myvirtualhost" in the above


[STEP 9b] ON EACH OTHER COMPUTER ON THE LAN: FOR THE MASTER SSL VIRTUAL HOST AND FOR EACH SPECIFIC SSL VIRTUAL HOST (IF ANY)
In Firefox, open the Certificate Manager
        Settings > Privacy & Security > View Certificates
Ensure the "Authorities" tab is selected
Click the "Import..." button and browse to
        \\wamp-computer-name\data_d\wamp\bin\apache\apache2.4.65\conf\key\wamp-computer-name.crt
In the "Downloading certificate" dialog, select both options
        Trust this CA to identify websites
        Trust this CA to identify email users
then click OK once to close the "Downloading certificate" dialog, and once again to close the "Certificate Manager" dialog

For a specific SSL virtual host replace "wamp-computer-name" by "myvirtualhost" in the above (except in the network path of course)


[STEP 10] ON THE WAMP-COMPUTER AND ON EACH OTHER COMPUTER ON THE LAN
In Firefox, open the Password Manager and add/update HTTPS credentials for the master SSL virtual host and/or each specific SSL virtual host, eg.
        Website address : [wamp-computer-name]
        Username : (the http username)
        Password : (the http password)

For each existing WordPress project, check that
        Settings > General point > WordPress Address (URL)
        Settings > General point > Site Address (URL)
point to an HTTPS address


[STEP 11] ON THE WAMP-COMPUTER
Irrespective of the creation of a master SSL virtual host and specific SSL virtual hosts (if any), check that for each existing WordPress project
        D:\wamp\www\wordpress\myproject\.htaccess
comprises
        # BEGIN WordPress
        <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
        RewriteBase /wordpress/myproject/
        RewriteRule ^index\.php$ - [L]
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . /wordpress/myproject/index.php [L]
        </IfModule>
        # END WordPress


[STEP 12a] ON THE WAMP-COMPUTER - OPTIONAL CHECKS
Clean up any previous certificates
        Local Machine certificates
                Win + R > certlm.msc
        Current User certificates
                Win + R > certmgr.msc

Open an admin CMD prompt on
        D:\wamp\bin\apache\apache2.4.65\bin
and ensure no ghost references to previous SSL Virtual Hosts remain by executing
        httpd -t

Open an admin CMD prompt anywhere and test a single file without the GUI (but with the full Apache power) by executing
        php -S localhost:8000


[STEP 12b] ON EACH OTHER COMPUTER ON THE LAN - OPTIONAL CHECKS
Open an admin CMD prompt anywhere and run successively
        ping wamp-computer-ip
        tracert wamp-computer-ip
        ping wamp-computer-name
        tracert wamp-computer-name

Open an admin PowerShell prompt anywhere and run successively
        Test-NetConnection IP_OF_wamp-computer-name -Port 443
        netstat -ano | findstr :443

All these commands should return a no-error response
Else review carefully the setup step sequence!


[FINAL STEP]
Launch Wamp and enjoy!

BEWARE. When opening an HTTPS link as designed above, you could be prompted ONCE to accept a "Security Risk". Just go for it, and you will not be nagged anymore.
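
A scripted check of the finished setup, as an added example that is not part of the original post: it resolves the host name (steps 1a/1b), completes a TLS handshake on port 443 (steps 3, 5, 7), and reports whether the served certificate matches the name (step 4), is in the Windows machine root store (step 8), and is CA-capable. The function name `Test-WampHttps` is hypothetical, and `wamp-computer-name` is the post's own placeholder.

```powershell
# Added example, not from the original post. Run it on the wamp-computer or on
# any other LAN computer once Wamp is started.
function Test-WampHttps {
    param([string]$HostName = 'wamp-computer-name', [int]$Port = 443)

    # Steps 1a/1b: the name must resolve through the hosts file.
    $ips = [System.Net.Dns]::GetHostAddresses($HostName)

    # Accept any certificate so it can be inspected, but record what Windows
    # validation concluded about it (name mismatch, untrusted chain).
    $script:tlsErrors = $null
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] {
        param($source, $certificate, $chain, $policyErrors)
        $script:tlsErrors = $policyErrors
        $true
    }
    $tcp = [System.Net.Sockets.TcpClient]::new($HostName, $Port)
    try {
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $callback)
        $ssl.AuthenticateAsClient($HostName)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
    } finally {
        $tcp.Dispose()
    }
    $errs = $script:tlsErrors

    # Step 8a/8b: the exact certificate served must be in LocalMachine\Root.
    $inRoot = [bool](Get-ChildItem Cert:\LocalMachine\Root |
        Where-Object { $_.Thumbprint -eq $cert.Thumbprint })

    # A trusted root with CA = true can sign certificates for any name, so its
    # .key file needs the same protection as a real CA key.
    $bc = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension] }

    [pscustomobject]@{
        Host         = $HostName
        ResolvedTo   = $ips -join ', '
        Subject      = $cert.Subject
        NotAfter     = $cert.NotAfter
        NameMatches  = -not $errs.HasFlag([System.Net.Security.SslPolicyErrors]::RemoteCertificateNameMismatch)
        ChainTrusted = -not $errs.HasFlag([System.Net.Security.SslPolicyErrors]::RemoteCertificateChainErrors)
        InRootStore  = $inRoot
        IsCA         = [bool]($bc -and $bc.CertificateAuthority)
    }
}

Test-WampHttps -HostName 'wamp-computer-name' | Format-List
```

The script only consults the Windows certificate store, so the Firefox import in steps 9a/9b is not covered by it. If `IsCA` is reported as `True`, check who can read the matching `.key` file through the `data_d` share from step 8b.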
