Openssl Certificate (apatche2.4 in windows)


how to creating ssl certificate to openssl in apatche2.4 to windows
can I help me pleas



Please follow this line for instructions.


You might also want to look at the list of Windows clients in

I think win-acme is now the most used.


Thanks… but I want to know how to set up the certificate safely OPENSSL because I started to create it and something went wrong
can you help me

These commands are used
1-openssl req -config openssl.cnf -new -out htv.csr -keyout htv.pem
2-openssl rsa -in htv.pem -out htv.key
3-openssl x509 -in htv.csr -out htv.crt -req -signkey htv.key -days 3650

open to config file and change the port (443)

del # to line 184 (Load Module ssl-module)
and # to line 171 (LoadModule rewrite_module)
AND # TO line 191 (LoadModule vhost_alias_module)
and insert vhosts :
<VirtualHost *:443>
DocumentRoot "C:/Apache24/htdocs/localhost/"
ServerName localhost
Redirect / https://localhost/
ServerAlias localhost/
SSLEngine on
SSLCertificateFile "C:/Apache24/conf/htv.crt"
SSLCertificateKeyFile "C:/Apache24/conf/htv.key"
SSLCertificateChainFile “C:/Apache24/conf/htv.crt”

insert this Redirect in line 356:

  RewriteEngine On
  RewriteCond %{HTTPS} off
  RewriteRule (.*) https://%{lopcalhost/}:443%{REQUEST_URI} 

open httpd-vhosts file and change the port 443 line 15 and

copy and change to port 80 to 443
change the setting in vhost 80 and 443
<VirtualHost *:443>

mysite is local and my server is Apache

** this is task in my university **


localhost uses an invalid security certificate.

The certificate is not trusted because it is self-signed.
The certificate is not valid for the name localhost.


Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false
HTTP Public Key Pinning: false
Certificate chain:



Do you mean want to create a self-signed ssl (not trusted by public CA) for your local website?

If so, you can follow this link (as that’s what i used for ssl self-sign):

However, if you are trying to obtain a trusted ssl for localhost, it’s not possible since ssl can only be issued under trusted public domains (no localhost, xxx.local etc)

Thank you


Thank you @stevenzhu
and You have all the appreciation :kissing_heart: