在开发微信小程序的时候我们需要开启https本地测试,以下我们说明使用xmapp如何开启https访问

1. php中开启ssl

在php的配置文件中把openssl前面的注释去掉, 大概在配置文件的900行左右

配置文件路径为: xampp\php\php.ini

  1. extension=openssl

2. 配置https虚拟主机

经常开发的同学应该清楚,平时我们开发经常用到vhost的配置,这个是http的虚拟主机的配置,根据域名匹配访问指定的目录。

现在我们需要使https生效,同样需要配置一个443端口可用的vhost

配置文件: xampp\apache\conf\extra\httpd-ssl.conf

在配置文件中121行左右有个<VirtualHost _default_:443>标签,该标签的结束标签一致到文件结束

我这边的做法是把从121行起的所有内容复制一份,粘贴到文件尾部,然后再修改,保留原始的样例不变

以下是我复制后的内容,有几个加注释的地方需要注意

  1. <VirtualHost tfgzvjit.qcloud.la:>
  2.  
  3. # General setup for the virtual host
  4. # 以下几个配置比较重要,请根据自己的业务对应确定目录
  5. DocumentRoot "D:/working/server/"
  6. ServerName test.domain.com:
  7. ServerAdmin admin@test.domain.com
  8. ErrorLog "C:/xampp/apache/logs/test.domain.com.443.ogerror.log"
  9. TransferLog "C:/xampp/apache/logs/test.domain.com.443.access.log"
  10.  
  11. # SSL Engine Switch:
  12. # Enable/Disable SSL for this virtual host.
  13. SSLEngine on
  14.  
  15. # Server Certificate:
  16. # Point SSLCertificateFile "conf/ssl.crt/server.crt"
  17. # the certificate is encrypted, then you will be prompted for a
  18. # pass phrase. Note that a kill -HUP will prompt again. Keep
  19. # in mind that if you have both an RSA and a DSA certificate you
  20. # can configure both in parallel (to also allow the use of DSA
  21. # ciphers, etc.)
  22. # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
  23. # require an ECC certificate which can also be configured in
  24. # parallel.
  25. SSLCertificateFile "conf/ssl.crt/server.crt"
  26. #SSLCertificateFile "conf/ssl.crt/server.crt"
  27. #SSLCertificateFile "conf/ssl.crt/server.crt"
  28.  
  29. # Server Private Key:
  30. # If the key is not combined with the certificate, use this
  31. # directive to point at the key file. Keep in mind that if
  32. # you've both a RSA and a DSA private key you can configure
  33. # both in parallel (to also allow the use of DSA ciphers, etc.)
  34. # ECC keys, when in use, can also be configured in parallel
  35. SSLCertificateKeyFile "conf/ssl.key/server.key"
  36. #SSLCertificateKeyFile "conf/ssl.key/server.key"
  37. #SSLCertificateKeyFile "conf/ssl.key/server.key"
  38.  
  39. # Server Certificate Chain:
  40. # Point SSLCertificateChainFile at a file containing the
  41. # concatenation of PEM encoded CA certificates which form the
  42. # certificate chain for the server certificate. Alternatively
  43. # the referenced file can be the same as SSLCertificateFile "conf/ssl.crt/server.crt"
  44. # certificate for convenience.
  45. #SSLCertificateChainFile "c:/Apache24/conf/server-ca.crt"
  46.  
  47. # Certificate Authority (CA):
  48. # Set the CA certificate verification path where to find CA
  49. # certificates for client authentication or alternatively one
  50. # huge file containing all of them (file must be PEM encoded)
  51. # Note: Inside SSLCACertificatePath you need hash symlinks
  52. # to point to the certificate files. Use the provided
  53. # Makefile to update the hash symlinks after changes.
  54. #SSLCACertificatePath "c:/Apache24/conf/ssl.crt"
  55. #SSLCACertificateFile "c:/Apache24/conf/ssl.crt/ca-bundle.crt"
  56.  
  57. # Certificate Revocation Lists (CRL):
  58. # Set the CA revocation path where to find CA CRLs for client
  59. # authentication or alternatively one huge file containing all
  60. # of them (file must be PEM encoded).
  61. # The CRL checking mode needs to be configured explicitly
  62. # through SSLCARevocationCheck (defaults to "none" otherwise).
  63. # Note: Inside SSLCARevocationPath you need hash symlinks
  64. # to point to the certificate files. Use the provided
  65. # Makefile to update the hash symlinks after changes.
  66. #SSLCARevocationPath "c:/Apache24/conf/ssl.crl"
  67. #SSLCARevocationFile "c:/Apache24/conf/ssl.crl/ca-bundle.crl"
  68. #SSLCARevocationCheck chain
  69.  
  70. # Client Authentication (Type):
  71. # Client certificate verification type and depth. Types are
  72. # none, optional, require and optional_no_ca. Depth is a
  73. # number which specifies how deeply to verify the certificate
  74. # issuer chain before deciding the certificate is not valid.
  75. #SSLVerifyClient require
  76. #SSLVerifyDepth
  77.  
  78. # TLS-SRP mutual authentication:
  79. # Enable TLS-SRP and set the path to the OpenSSL SRP verifier
  80. # file (containing login information for SRP user accounts).
  81. # Requires OpenSSL 1.0. or newer. See the mod_ssl FAQ for
  82. # detailed instructions on creating this file. Example:
  83. # "openssl srp -srpvfile c:/Apache24/conf/passwd.srpv -add username"
  84. #SSLSRPVerifierFile "c:/Apache24/conf/passwd.srpv"
  85.  
  86. # Access Control:
  87. # With SSLRequire you can do per-directory access control based
  88. # on arbitrary complex boolean expressions containing server
  89. # variable checks and other lookup directives. The syntax is a
  90. # mixture between C and Perl. See the mod_ssl documentation
  91. # for more details.
  92. #<Location />
  93. #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
  94. # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
  95. # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
  96. # and %{TIME_WDAY} >= and %{TIME_WDAY} <= \
  97. # and %{TIME_HOUR} >= and %{TIME_HOUR} <= ) \
  98. # or %{REMOTE_ADDR} =~ m/^\.\.\.[-]+$/
  99. #</Location>
  100.  
  101. # SSL Engine Options:
  102. # Set various options for the SSL engine.
  103. # o FakeBasicAuth:
  104. # Translate the client X. into a Basic Authorisation. This means that
  105. # the standard Auth/DBMAuth methods can be used for access control. The
  106. # user name is the `one line' version of the client's X. certificate.
  107. # Note that no password is obtained from the user. Every entry in the user
  108. # file needs this password: `xxj31ZMTZzkVA'.
  109. # o ExportCertData:
  110. # This exports two additional environment variables: SSL_CLIENT_CERT and
  111. # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
  112. # server (always existing) and the client (only existing when client
  113. # authentication is used). This can be used to import the certificates
  114. # into CGI scripts.
  115. # o StdEnvVars:
  116. # This exports the standard SSL/TLS related `SSL_*' environment variables.
  117. # Per default this exportation is switched off for performance reasons,
  118. # because the extraction step is an expensive operation and is usually
  119. # useless for serving static content. So one usually enables the
  120. # exportation for CGI and SSI requests only.
  121. # o StrictRequire:
  122. # This denies access when "SSLRequireSSL" or "SSLRequire" applied even
  123. # under a "Satisfy any" situation, i.e. when it applies access is denied
  124. # and no other module can change it.
  125. # o OptRenegotiate:
  126. # This enables optimized SSL connection renegotiation handling when SSL
  127. # directives are used in per-directory context.
  128. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
  129. <FilesMatch "\.(cgi|shtml|phtml|php)$">
  130. SSLOptions +StdEnvVars
  131. </FilesMatch>
  132. <Directory "C:/xampp/apache/cgi-bin">
  133. SSLOptions +StdEnvVars
  134. </Directory>
  135.  
  136. # SSL Protocol Adjustments:
  137. # The safe and default but still SSL/TLS standard compliant shutdown
  138. # approach is that mod_ssl sends the close notify alert but doesn't wait for
  139. # the close notify alert from client. When you need a different shutdown
  140. # approach you can use one of the following variables:
  141. # o ssl-unclean-shutdown:
  142. # This forces an unclean shutdown when the connection is closed, i.e. no
  143. # SSL close notify alert is sent or allowed to be received. This violates
  144. # the SSL/TLS standard but is needed for some brain-dead browsers. Use
  145. # this when you receive I/O errors because of the standard approach where
  146. # mod_ssl sends the close notify alert.
  147. # o ssl-accurate-shutdown:
  148. # This forces an accurate shutdown when the connection is closed, i.e. a
  149. # SSL close notify alert is send and mod_ssl waits for the close notify
  150. # alert of the client. This is % SSL/TLS standard compliant, but in
  151. # practice often causes hanging connections with brain-dead browsers. Use
  152. # this only for browsers where you know that their SSL implementation
  153. # works correctly.
  154. # Notice: Most problems of broken clients are also related to the HTTP
  155. # keep-alive facility, so you usually additionally want to disable
  156. # keep-alive for those clients, too. Use variable "nokeepalive" for this.
  157. # Similarly, one has to force some clients to use HTTP/1.0 to workaround
  158. # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
  159. # "force-response-1.0" for this.
  160. BrowserMatch "MSIE [2-5]" \
  161. nokeepalive ssl-unclean-shutdown \
  162. downgrade-1.0 force-response-1.0
  163.  
  164. # Per-Server Logging:
  165. # The home of a custom SSL log file. Use this when you want a
  166. # compact non-error SSL logfile on a virtual host basis.
  167. CustomLog "C:/xampp/apache/logs/ssl_request.log" \
  168. "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  169.  
  170. </VirtualHost>

修改完以上内容重启apache即可

xmapp开启https的更多相关文章

  1. Ubuntu下配置apache开启https

    一.HTTPS简述随着网络的日常,信息安全越来越重要,传统的网站都是http协议明文传输,而HTTPS协议是由SSL+HTTP协议构建的可进行加密传输.身份认证的网络协议,比http协议安全. 那ht ...

  2. 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2?

    p { margin-bottom: 0.1in; line-height: 120% } 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2? 要在服务器上开启 TLSv1.,通常 ...

  3. apache和nginx开启https

    1.安装mod_ssl和openssl yum -y install mod_ssl openssl 2.建立服务器密钥 mkdir /etc/httpd/conf.d/ssl.key/ cd /et ...

  4. 分享一个免费SSL证书申请网站,给网站开启https协议 | 张戈博客

    这些天,由于公司的业务需求,接触到了ssl证书和https协议.博客前几篇文章也分享了在WEB服务器上安装SSL证书,为网站开启https协议的教程,感兴趣的童鞋可以前往查看相关文章: <Lin ...

  5. NatApp开启HTTPS访问方式

    一.首先需要到付费隧道中选择免费开启https 二.其次需要重新启动natapp服务,如下图出现两个隧道说明OK

  6. 七牛云存储上传自有证书开启https访问

    虽然七牛云存储也提供免费SSL证书申请,但我就喜欢用其他平台申请的,于是在腾讯云申请了免费SSL证书,正准备在七牛上传,弹出的界面却让我傻了眼,如下图所示: 腾讯免费SSL证书提供了不同服务器环境的版 ...

  7. WordPress整站轻松开启HTTPS

    近两年来HTTPS取代HTTP已经成为大势所趋.早在2014年google Chromium安全团队提议将所有的HTTP协议网站标注为不安全.现在,Chrome浏览器已经开始执行这一标准了.从 Chr ...

  8. 利用GitHub搭建Hexo博客并开启HTTPS

    Hexo 是一个快速.简洁且高效的博客框架.Hexo 使用 Markdown(或其他渲染引擎)解析文章,在几秒内,即可利用靓丽的主题生成静态网页. GitHub 是一个面向开源及私有软件项目的托管平台 ...

  9. 个人博客如何开启 https

    以前写过利用 wordpress 搭建的一个博客『个人博客搭建( wordpress )』,绑定了域名,但是没开启 https,在浏览博客的时候浏览器会提示不安全.下面来谈下个人博客如何免费申请证书, ...

随机推荐

  1. android 屏幕适配原则

    屏幕大小 1.不同的layout Android手 机屏幕大小不一,有480x320,640x360,800x480.怎样才能让App自动适应不同的屏幕呢? 其实很简单,只需要在res目录下创建不同的 ...

  2. Microsoft Team Foundation Server 2010 安装 序列号 注册码(转载)

    安装过程: 一.安装操作系统 安装Windows 2008 R2简体中文版 二.准备安装过程中的需要的用户账户,并设置相应权限. 具体流程如下: 1.点击“开始”——“管理工具”——“计算机管理” 2 ...

  3. unity, break prefab instance

    菜单->GameObject->Break Prefab Instance,可以打断prefab实例与prefab的连接. 一个用处是:比如想从sceneA拷贝一部分Hierarchy结构 ...

  4. R内存扩展 win7内存扩展

    安装包 imdiskinst 文件 램디스크 사용http://www.ltr-data.se/ http://cruciancar.blog.me/150101634586 --TEMP 변수 TE ...

  5. mysql启动与关闭

    撰于:http://wenku.baidu.com/link?url=QV3mEJWnU4c8VZPjKGxz4A8gSmdjO2HZY7n963UaVx4l_uPKrh16tGxLyqjf5i3MA ...

  6. sql中的SET NOCOUNT ON/OFF

    当 SET NOCOUNT 为 ON 时,不返回计数(表示受Transact-SQL 语句影响的行数). 当 SET NOCOUNT 为 OFF 时,返回计数(默认为OFF). 即使当 SET NOC ...

  7. 广告过滤神器(ADMuncher)4.93

    Ad Muncher 介绍:        浏览网页时,冷不防地被网站播放的MIDI音乐声音吓一跳,或是因为弹出的广告窗口碍事,而影响你上网络的心情.Ad Muncher支持Netscape.Inte ...

  8. redis-cli 常用命令

    1.连接操作相关的命令 quit:关闭连接(connection) auth:简单密码认证 2.对value操作的命令 exists(key):确认一个key是否存在 del(key):删除一个key ...

  9. android studio 中配置androidAnnotation 的新版正确配置

    apply ].processResources.manifestFile resourcePackageName 'com.peiandsky.firstandroidstudio' }}

  10. Missing artifact javax.transaction:jta:jar:1.0.1B解决办法

    maven库中缺少了这个jar,需要把这个jar安装到本地库中去. 1.下载包含此jar的zip包,地址: http://download.csdn.net/detail/spring123tt/68 ...