在开发微信小程序的时候我们需要开启https本地测试,以下我们说明使用xmapp如何开启https访问

1. php中开启ssl

在php的配置文件中把openssl前面的注释去掉, 大概在配置文件的900行左右

配置文件路径为: xampp\php\php.ini

extension=openssl

2. 配置https虚拟主机

经常开发的同学应该清楚,平时我们开发经常用到vhost的配置,这个是http的虚拟主机的配置,根据域名匹配访问指定的目录。

现在我们需要使https生效,同样需要配置一个443端口可用的vhost

配置文件: xampp\apache\conf\extra\httpd-ssl.conf

在配置文件中121行左右有个<VirtualHost _default_:443>标签,该标签的结束标签一致到文件结束

我这边的做法是把从121行起的所有内容复制一份,粘贴到文件尾部,然后再修改,保留原始的样例不变

以下是我复制后的内容,有几个加注释的地方需要注意

<VirtualHost tfgzvjit.qcloud.la:>

#   General setup for the virtual host
# 以下几个配置比较重要,请根据自己的业务对应确定目录
DocumentRoot "D:/working/server/"
ServerName test.domain.com:
ServerAdmin admin@test.domain.com
ErrorLog "C:/xampp/apache/logs/test.domain.com.443.ogerror.log"
TransferLog "C:/xampp/apache/logs/test.domain.com.443.access.log" # SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on # Server Certificate:
# Point SSLCertificateFile "conf/ssl.crt/server.crt"
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
# require an ECC certificate which can also be configured in
# parallel.
SSLCertificateFile "conf/ssl.crt/server.crt"
#SSLCertificateFile "conf/ssl.crt/server.crt"
#SSLCertificateFile "conf/ssl.crt/server.crt" # Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
# ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "conf/ssl.key/server.key"
#SSLCertificateKeyFile "conf/ssl.key/server.key"
#SSLCertificateKeyFile "conf/ssl.key/server.key" # Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile "conf/ssl.crt/server.crt"
# certificate for convenience.
#SSLCertificateChainFile "c:/Apache24/conf/server-ca.crt" # Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath "c:/Apache24/conf/ssl.crt"
#SSLCACertificateFile "c:/Apache24/conf/ssl.crt/ca-bundle.crt" # Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded).
# The CRL checking mode needs to be configured explicitly
# through SSLCARevocationCheck (defaults to "none" otherwise).
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath "c:/Apache24/conf/ssl.crl"
#SSLCARevocationFile "c:/Apache24/conf/ssl.crl/ca-bundle.crl"
#SSLCARevocationCheck chain # Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth # TLS-SRP mutual authentication:
# Enable TLS-SRP and set the path to the OpenSSL SRP verifier
# file (containing login information for SRP user accounts).
# Requires OpenSSL 1.0. or newer. See the mod_ssl FAQ for
# detailed instructions on creating this file. Example:
# "openssl srp -srpvfile c:/Apache24/conf/passwd.srpv -add username"
#SSLSRPVerifierFile "c:/Apache24/conf/passwd.srpv" # Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= and %{TIME_WDAY} <= \
# and %{TIME_HOUR} >= and %{TIME_HOUR} <= ) \
# or %{REMOTE_ADDR} =~ m/^\.\.\.[-]+$/
#</Location> # SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X. into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X. certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:/xampp/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory> # SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is sent or allowed to be received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is % SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0 # Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "C:/xampp/apache/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>

修改完以上内容重启apache即可

xmapp开启https的更多相关文章

  1. Ubuntu下配置apache开启https

    一.HTTPS简述随着网络的日常,信息安全越来越重要,传统的网站都是http协议明文传输,而HTTPS协议是由SSL+HTTP协议构建的可进行加密传输.身份认证的网络协议,比http协议安全. 那ht ...

  2. 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2?

    p { margin-bottom: 0.1in; line-height: 120% } 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2? 要在服务器上开启 TLSv1.,通常 ...

  3. apache和nginx开启https

    1.安装mod_ssl和openssl yum -y install mod_ssl openssl 2.建立服务器密钥 mkdir /etc/httpd/conf.d/ssl.key/ cd /et ...

  4. 分享一个免费SSL证书申请网站,给网站开启https协议 | 张戈博客

    这些天,由于公司的业务需求,接触到了ssl证书和https协议.博客前几篇文章也分享了在WEB服务器上安装SSL证书,为网站开启https协议的教程,感兴趣的童鞋可以前往查看相关文章: <Lin ...

  5. NatApp开启HTTPS访问方式

    一.首先需要到付费隧道中选择免费开启https 二.其次需要重新启动natapp服务,如下图出现两个隧道说明OK

  6. 七牛云存储上传自有证书开启https访问

    虽然七牛云存储也提供免费SSL证书申请,但我就喜欢用其他平台申请的,于是在腾讯云申请了免费SSL证书,正准备在七牛上传,弹出的界面却让我傻了眼,如下图所示: 腾讯免费SSL证书提供了不同服务器环境的版 ...

  7. WordPress整站轻松开启HTTPS

    近两年来HTTPS取代HTTP已经成为大势所趋.早在2014年google Chromium安全团队提议将所有的HTTP协议网站标注为不安全.现在,Chrome浏览器已经开始执行这一标准了.从 Chr ...

  8. 利用GitHub搭建Hexo博客并开启HTTPS

    Hexo 是一个快速.简洁且高效的博客框架.Hexo 使用 Markdown(或其他渲染引擎)解析文章,在几秒内,即可利用靓丽的主题生成静态网页. GitHub 是一个面向开源及私有软件项目的托管平台 ...

  9. 个人博客如何开启 https

    以前写过利用 wordpress 搭建的一个博客『个人博客搭建( wordpress )』,绑定了域名,但是没开启 https,在浏览博客的时候浏览器会提示不安全.下面来谈下个人博客如何免费申请证书, ...

随机推荐

  1. NOJ 1012 进制转换(十进制转换成随意进制)

    题目: 进制转换 时间限制(普通/Java) : 1000 MS/ 3000 MS          执行内存限制 : 65536 KByte总提交 : 1819            測试通过 : ...

  2. Laravel建站03--建立前台文章列表和文章详情

    经过了前面的开发环境搭建和数据库配置.git配置的准备工作以后,现在可以开始动作做点什么了. 先从简单的开始,那就先来个文章列表和详情页吧. 这期间可以学习到路由.建立model.controller ...

  3. HDU 5303 Delicious Apples(思维题)

    Delicious Apples Time Limit: 5000/3000 MS (Java/Others)    Memory Limit: 524288/524288 K (Java/Other ...

  4. hdu1243 最长公共子序列(LCS)

    原题地址 题目分析 这道题基本上是在普通LCS问题上的一点小小的变形,由求LCS的长度,改为求LCS的权值.架构还是不变的.可作为LCS问题的模板题.时间复杂度O(N^2). 注意 题目中的字母都是小 ...

  5. Atitit.ati  str  字符串增强api

    Atitit.ati  str  字符串增强api 1. java StringUtils方法全览 分类: Java2011-11-30 17:22 8194人阅读 评论(2) 收藏 举报 javas ...

  6. 李洪强iOS开发之iOS好文章收集

    李洪强iOS开发之iOS好文章收集 该文收集朋友们转发或自己的写的技术文章,如果你也有相关的好文章,欢迎留言,当好文章多的时候,我会对这些好文章进行分门别类 文章 简述 日期 直播服务配置 使用 ng ...

  7. [Delphi] 常用字符集简介

    转载 http://www.cnblogs.com/yangyxd/articles/4778483.html 字符集 ANSI (ASCII)美国信息互换标准编码 GB 2312信息交换用汉字编码字 ...

  8. RabbitMQ系列一

    1.http://www.erlang.org/downloads 下载一个比教新的版本(otp_win64_20.2.exe) 2.http://www.rabbitmq.com/install-w ...

  9. 查看和修改Oracle数据库服务器端的字符集

    Oracle数据库查看和修改服务器端的字符集的方法是本文主要要介绍的内容,接下来救让我们一起来了解一下这部分内容. A.oracle server 端字符集查询 select userenv('lan ...

  10. git设置忽略文件和目录

    1.登录gitbash命令端进入本地git库目录 Administrator@PC201601200946 MINGW32 /d/gitrespository/crmweb (master) 2.创建 ...