Laragon and Let's Encrypt

  • | 169 points

    Is it possible to install LetsEncrypt on laragon? If it is possible, how?

  • administrators
    | 64645 points

    @askaoru : Laragon uses Apache, so it is possible to use Let's Encrypt with Laragon. You can read documents about using Let's Encrypt with Apache.

  • | 3325 points

    Let's Encrypt isn't meant for local development environments.

    You can create and add self-signed certificate to Apache to achieve encrypted connection between browser and server (Laragon). So here's a little tutorial how to do that.

    To generate a self-signed certificate you need OpenSSL binaries (I used openssl binary provided by Cygwin while testing this).
    Proceed with following:

    • Open terminal (cmd) in folder where you want to store your certificates (I used d:\tools\laragon\ssl)
    • Generate certificate and key with following command (replace with wanted hostname):
    openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -keyout -out
    • You can just press enter on all the questions, except with the Common name part. Here give the hostname you want to use, for example
    • Add following to your httpd-vhosts.conf (use correct hostname and paths and note that we use forward slashes in paths):
    	DocumentRoot "${DOCROOT}/app/public"
    	SSLEngine on
    	SSLCertificateKeyFile D:/tools/laragon/ssl/
    	SSLCertificateFile D:/tools/laragon/ssl/
    	SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    • Reload Apache and you have encrypted connection between browser and site! :smile:
    • But your browser is nagging about untrusted certificate :disappointed:
    • You need to add it as trusted certificate...In Chrome go to chrome://settings :arrow_right: Advanced settings :arrow_right: HTTPS/SSL :arrow_right: Manage certificates
    • Now we need to import newly created certificate to Chrome's certificate store
    • Select import and select file which you created earlier
    • Important: Now you need to select the certificate store where you want to store this certificate.
    • Select Place all certificates in the following store and to Certificate Store: select Trusted Root Certification Authorities
    • Click Finish/OK and restart your browser. Now you can browse to without browser nagging about the certificate :)

    Hopefully you can get certificates working with this method..I wrote this text in a little rush, so please ask if you have some problems.

  • | 3325 points

    @leokhoa I had an impression that you can't generate LE certs for local hosts (atleast when I tried to use LE cert script on my linux VM, it failed because it wasn't able to resolve that domain, or something like that). So I've kept using self-signed certs..

    I could be wrong though :D

  • administrators
    | 64645 points

    @Kurre: You're right. However, when @askaoru asked about Let's Encrypt, I think he asking for using in production.
    For localhost development, I see no reason to use Let's Encrypt and it is impossible because Let's Encrypt can not connect to localhost to valiadate.
    If he need to use SSL on localhost, your self-signed certificate article is very helpful :+1:
    Or he can use ngrok and tunnel https if this solves his problem.

  • | 169 points

    @leokhoa yes I wanted to use it for production. I managed to get it to work.

    I used to handle the cert installation and renewal. And by using @Kurre 's advice on the vhost, I managed to get it to work. One thing that threw me off was that laragon's default ssl port was 4433 instead of the usual 443.

    Thank you for the help. Also, laragon is awesome for someone like me who really prefers windows environment over linux.

  • | 501 points

    WARNING: can't open config file: C:\laragon\bin\apache\httpd-2.4.23-win32-VC14\conf\openssl.cnf i'm using nginx

Log in to reply

Looks like your connection to Laragon was lost, please wait while we try to reconnect.