Let's Encrypt certificate for WampServer 3.2 on Windows Server 2012 R2

I created a Windows Server 2012 R2 VM, installed WampServer 3.2, and pointed the public IP address to a subdomain.

I generated an SSL certificate successfully.

I uncommented all SSL requirements in httpd.conf:

```
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-default.conf
```

I pointed to the certificate and the key, and updated the cipher, protocol and virtual host settings in the httpd-ssl.conf file:

```
SSLCertificateFile "${SRVROOT}/conf/sapilog.gromab.com-chain.pem"

SSLCertificateKeyFile "${SRVROOT}/conf/sapilog.gromab.com-key.pem"

    DocumentRoot "C:/wamp64/www/gestion"
    ServerName sapilog.gromab.com
    ServerAdmin admin@example.com
    ErrorLog "${SRVROOT}/logs/error.log"
    TransferLog "${SRVROOT}/logs/access.log"

    SSLCipherSuite ECDH+AESGCM256:ECDH+CHACHA20:DH+AESGCM256:ECDH+AES256:DH+AES256:!aNULL:!MD5:!DSS
    SSLProxyCipherSuite ECDH+AESGCM256:ECDH+CHACHA20:DH+AESGCM256:ECDH+AES256:DH+AES256:!aNULL:!MD5:!DSS

    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1
```



But HTTPS does not work on WampServer (HTTP works fine: http://sapilog.gromab.com).

Any suggestions would be appreciated.

Welcome to the Let's Encrypt Community, Khalil

What does apachectl -S say?

Hi @khalilgro

Checking your domain, there is a timeout (https).

Does https work internally?

curl https://sapilog.gromab.com/

If that works, it may be a (Windows-) firewall problem or a missing router configuration.


I concur with @JuergenAuer's findings. I was unable to connect via https from two different locations.

Thank you very much for your welcome.
It doesn't work internally either.
I have opened ports 80 and 443 in Windows and forwarded 80 and 443 from the router to this server.
Otherwise, http://sapilog.gromab.com also wouldn't work and the certificate would not be generated.


Hence...

What does apachectl -S say?

httpd -t (equivalent of apachectl -S, I think) says:
Syntax OK


You have created one certificate - see your output, see https://check-your-website.server-daten.de/?q=sapilog.gromab.com#ct-logs.

| Issuer | not before | not after | Domain names | LE-Duplicate | next LE |
|---|---|---|---|---|---|
| R3 | 2021-03-23 | 2021-06-21 | sapilog.gromab.com - 1 entries | duplicate nr. 1 | |

So that part has worked. You have to use it.

PS: Check httpd -S


apache2


So you have a working port 443 configuration.

So it's a router / firewall problem you have to fix.


We have a ZTE F660 router (do I need to do something other than forwarding ports 80 and 443 on the router?)


So your machine is physically hosted at your workplace and the router is the thing between the internet and your server, and this has been configured to forward port 80 and 443 to port 80 and 443 of your server.

Is your server hosted in a virtual machine (Hyper-V or VMware etc.)? If so, what are the firewall settings of the host machine (which runs the VMs)? I assume you're not running a physical machine.

Yes, exactly.
My server is hosted in a VirtualBox 6.1 virtual machine inside Windows 7 64-bit (physical machine).

On this physical machine, I have disabled the firewall.

Ok, and your port forwarding from the router will need to point to the IP of the server VM, not your physical host.

Yes, exactly, it points to the IP of the Windows Server VM.

Thank you for your help, now it works. The problem is in the Apache service.
httpd -k restart reports an error:


I installed the service and I have this error: ok
I commented out
Listen [::0]:80 in httpd.conf
and restarted WampServer, and it works.

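The checks suggested in this thread, collected into one script as an added example (not posted by any participant). It separates "Apache is not listening" from "something between the client and the server blocks 443". The service name `wampapache64` and the Apache directory are assumptions; the version folder is a placeholder.

```powershell
# Added example, not from the thread. Run on the server VM in an elevated PowerShell.
# Assumed values: service name and Apache directory (version folder is a placeholder).
$ApacheDir = 'C:\wamp64\bin\apache\apacheX.Y.Z'   # placeholder: adjust to the installed version
$Service   = 'wampapache64'                       # assumed WampServer Apache service name
$Ports     = 80, 443

# 1. Syntax check and vhost map. "Syntax OK" only proves the files parse; it does
#    not prove that every Listen address can be bound when the service starts.
& "$ApacheDir\bin\httpd.exe" -t
& "$ApacheDir\bin\httpd.exe" -S

# 2. Active (uncommented) Listen directives in the main config and the SSL include.
Select-String -Path "$ApacheDir\conf\httpd.conf", "$ApacheDir\conf\extra\httpd-ssl.conf" `
    -Pattern '^\s*Listen\s' |
    ForEach-Object { '{0}:{1}: {2}' -f $_.Filename, $_.LineNumber, $_.Line.Trim() }

# 3. Is the Apache service actually running?
$svc     = Get-Service -Name $Service -ErrorAction SilentlyContinue
$running = $svc -and $svc.Status -eq 'Running'

# 4. Which of the ports have a listener, and on which local addresses?
$listening = @{}
foreach ($p in $Ports) {
    $c = @(Get-NetTCPConnection -State Listen -LocalPort $p -ErrorAction SilentlyContinue)
    $listening[$p] = $c.Count -gt 0
    if ($c.Count -gt 0) { "port ${p}: listening on " + (($c | ForEach-Object LocalAddress) -join ', ') }
    else                { "port ${p}: no listener" }
}

# 5. Local TCP test against 443: no router, port forwarding or host firewall involved.
$local443 = (Test-NetConnection -ComputerName '127.0.0.1' -Port 443 `
    -WarningAction SilentlyContinue).TcpTestSucceeded

# 6. Verdict: the first failing layer is the one to fix.
if (-not $running) {
    'Apache service is not running: start it and read logs\error.log'
} elseif (-not $listening[443]) {
    'Service runs but nothing listens on 443: check Listen and VirtualHost in httpd-ssl.conf'
} elseif (-not $local443) {
    '443 is bound but not reachable locally: check the address in the Listen directive'
} else {
    'Local port 443 is fine: check Windows Firewall, the VM host and router port forwarding'
}
```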
