在开发微信小程序的时候我们需要开启https本地测试,以下我们说明使用xmapp如何开启https访问

1. php中开启ssl

在php的配置文件中把openssl前面的注释去掉, 大概在配置文件的900行左右

配置文件路径为: xampp\php\php.ini

extension=openssl

2. 配置https虚拟主机

经常开发的同学应该清楚,平时我们开发经常用到vhost的配置,这个是http的虚拟主机的配置,根据域名匹配访问指定的目录。

现在我们需要使https生效,同样需要配置一个443端口可用的vhost

配置文件: xampp\apache\conf\extra\httpd-ssl.conf

在配置文件中121行左右有个<VirtualHost _default_:443>标签,该标签的结束标签一致到文件结束

我这边的做法是把从121行起的所有内容复制一份,粘贴到文件尾部,然后再修改,保留原始的样例不变

以下是我复制后的内容,有几个加注释的地方需要注意

<VirtualHost tfgzvjit.qcloud.la:>

#   General setup for the virtual host
# 以下几个配置比较重要,请根据自己的业务对应确定目录
DocumentRoot "D:/working/server/"
ServerName test.domain.com:
ServerAdmin admin@test.domain.com
ErrorLog "C:/xampp/apache/logs/test.domain.com.443.ogerror.log"
TransferLog "C:/xampp/apache/logs/test.domain.com.443.access.log" # SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on # Server Certificate:
# Point SSLCertificateFile "conf/ssl.crt/server.crt"
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
# require an ECC certificate which can also be configured in
# parallel.
SSLCertificateFile "conf/ssl.crt/server.crt"
#SSLCertificateFile "conf/ssl.crt/server.crt"
#SSLCertificateFile "conf/ssl.crt/server.crt" # Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
# ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "conf/ssl.key/server.key"
#SSLCertificateKeyFile "conf/ssl.key/server.key"
#SSLCertificateKeyFile "conf/ssl.key/server.key" # Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile "conf/ssl.crt/server.crt"
# certificate for convenience.
#SSLCertificateChainFile "c:/Apache24/conf/server-ca.crt" # Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath "c:/Apache24/conf/ssl.crt"
#SSLCACertificateFile "c:/Apache24/conf/ssl.crt/ca-bundle.crt" # Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded).
# The CRL checking mode needs to be configured explicitly
# through SSLCARevocationCheck (defaults to "none" otherwise).
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath "c:/Apache24/conf/ssl.crl"
#SSLCARevocationFile "c:/Apache24/conf/ssl.crl/ca-bundle.crl"
#SSLCARevocationCheck chain # Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth # TLS-SRP mutual authentication:
# Enable TLS-SRP and set the path to the OpenSSL SRP verifier
# file (containing login information for SRP user accounts).
# Requires OpenSSL 1.0. or newer. See the mod_ssl FAQ for
# detailed instructions on creating this file. Example:
# "openssl srp -srpvfile c:/Apache24/conf/passwd.srpv -add username"
#SSLSRPVerifierFile "c:/Apache24/conf/passwd.srpv" # Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= and %{TIME_WDAY} <= \
# and %{TIME_HOUR} >= and %{TIME_HOUR} <= ) \
# or %{REMOTE_ADDR} =~ m/^\.\.\.[-]+$/
#</Location> # SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X. into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X. certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:/xampp/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory> # SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is sent or allowed to be received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is % SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0 # Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "C:/xampp/apache/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>

修改完以上内容重启apache即可

xmapp开启https的更多相关文章

  1. Ubuntu下配置apache开启https

    一.HTTPS简述随着网络的日常,信息安全越来越重要,传统的网站都是http协议明文传输,而HTTPS协议是由SSL+HTTP协议构建的可进行加密传输.身份认证的网络协议,比http协议安全. 那ht ...

  2. 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2?

    p { margin-bottom: 0.1in; line-height: 120% } 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2? 要在服务器上开启 TLSv1.,通常 ...

  3. apache和nginx开启https

    1.安装mod_ssl和openssl yum -y install mod_ssl openssl 2.建立服务器密钥 mkdir /etc/httpd/conf.d/ssl.key/ cd /et ...

  4. 分享一个免费SSL证书申请网站,给网站开启https协议 | 张戈博客

    这些天,由于公司的业务需求,接触到了ssl证书和https协议.博客前几篇文章也分享了在WEB服务器上安装SSL证书,为网站开启https协议的教程,感兴趣的童鞋可以前往查看相关文章: <Lin ...

  5. NatApp开启HTTPS访问方式

    一.首先需要到付费隧道中选择免费开启https 二.其次需要重新启动natapp服务,如下图出现两个隧道说明OK

  6. 七牛云存储上传自有证书开启https访问

    虽然七牛云存储也提供免费SSL证书申请,但我就喜欢用其他平台申请的,于是在腾讯云申请了免费SSL证书,正准备在七牛上传,弹出的界面却让我傻了眼,如下图所示: 腾讯免费SSL证书提供了不同服务器环境的版 ...

  7. WordPress整站轻松开启HTTPS

    近两年来HTTPS取代HTTP已经成为大势所趋.早在2014年google Chromium安全团队提议将所有的HTTP协议网站标注为不安全.现在,Chrome浏览器已经开始执行这一标准了.从 Chr ...

  8. 利用GitHub搭建Hexo博客并开启HTTPS

    Hexo 是一个快速.简洁且高效的博客框架.Hexo 使用 Markdown(或其他渲染引擎)解析文章,在几秒内,即可利用靓丽的主题生成静态网页. GitHub 是一个面向开源及私有软件项目的托管平台 ...

  9. 个人博客如何开启 https

    以前写过利用 wordpress 搭建的一个博客『个人博客搭建( wordpress )』,绑定了域名,但是没开启 https,在浏览博客的时候浏览器会提示不安全.下面来谈下个人博客如何免费申请证书, ...

随机推荐

  1. SharePoint专家新闻轮转器WebPart----亲測力推之Web部件

    SharePoint专家新闻轮转器WebPart----亲測力推之Web部件 项目截图: 注意: 专家新闻轮转器还在測试阶段.期待大家讨论和跟踪问题. 项目描写叙述: 专家新闻轮转器是一个ShareP ...

  2. python-数据结构Data Structure1

    四种数据结构: 列表list = [val1,val2,val3,val4]字典dict = {key1:val1,key2:val2}元组tuple = (val2,val2,val3,val4)集 ...

  3. unity, List namespace

    如果要使用List,需要using System.Collections.Generic;

  4. Atitit. 软件开发中的管理哲学--一个伟大的事业必然是过程导向为主 过程导向 vs 结果导向

    Atitit. 软件开发中的管理哲学--一个伟大的事业必然是过程导向为主    过程导向 vs 结果导向 1. 一个伟大的事业必然是过程导向为主 1 1.1. 过程的执行情况(有明确的执行手册及标准) ...

  5. java 容器结构

    先来看下层次关系. 如图所示:图中,实线边框的是实现类,折线边框的是抽象类,而点线边框的是接口 Collection(接口)├──List(接口)│   ├──LinkedList(实现类)│   ├ ...

  6. Android Studio怎样import module(针对非gradle)

    相同的,非gradle编译的project和gradle编译的在import module上相同有一些差别. 包含操作上,显示上的一些差别,曾经的文章中,仅仅要没有标注"非gradle&qu ...

  7. SQL基础之聚合与排序

    聚合函数是用来求和,平均值,最大最小值一类的函数. 常用的有COUNT.SUM.MAX.MIN.AVG. count() 参数为列名,也可以使用*,表示全部列. 默认*会统计所有行的数据,如果想过滤掉 ...

  8. 数据库设计(七)第三范式(3NF)

    In our last tutorial, we learned about the second normal form and even normalized our Score table in ...

  9. 自己动手搞定支付宝手机Wap网站支付接口 FOR ECShop

    支付宝WAP网站版本的支付接口网上整合的比较少,看到很多网站在卖,顿觉无语. 主要是得自己查看支付宝官方提供的SDK中的开发文档. 支付宝sdk下载地址:https://doc.open.alipay ...

  10. mogndb 慢查询

    0  摘要 在MySQL中,慢查询日志是经常作为我们优化查询的依据,那在MongoDB中是否有类似的功能呢?答案是肯定的,那就是开启Profiling功能.该工具在运行的实例上收集有关MongoDB的 ...