Joe

Reputation: 1257

Need Help Setting up HTTPS on WSL2

I really need some help configuring WSL to work using HTTPS for local Apache sites. I've spent 2 days trying to get this to work. I've used the following articles for reference (among other similar ones):

https://jitheshkt.medium.com/enable-ssl-on-wsl2-apache-windows-10-bcdfef71024a

https://gist.github.com/dennisameling/8317b9dc6b7d971860a4797c64f16eaf (the Prepare SSL Certificate section)

mkcert is installed on both Windows and WSL2

I ran the following in PowerShell (Admin) to create the certs in C:\Users\YOUR_WINDOWS_USERNAME\AppData\Local\mkcert:

mkcert -install
mkcert localhost 127.0.0.1 ::1 0.0.0.0

That seems to have worked as I can see the certificates in the folder.

However, the following did not work for me when run in PowerShell:

setx CAROOT “$(mkcert -CAROOT)”; If ($Env:WSLENV -notlike “*CAROOT*”) { setx WSLENV “CAROOT/up:$Env:WSLENV” }

So instead I did this in the WSL terminal:

echo 'export CAROOT=/mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert' >> ~/.profile

To make it so the WSL mkcert would use the certificates on the Windows side, and it seemed to work, as now if I enter the following terminal command:

mkcert -CAROOT

I get:

/mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert

But there are some things not working and that I'm definitely not understanding.

For example, after doing just the above, now https://localhost works (I had to click to accept risk of untrusted certificate). I don't understand why this is working when I had not yet modified the default-ssl.conf file. Here are the contents of the file:

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine on

        SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
        
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>

    </VirtualHost>
</IfModule>

With that, it's loading the default Apache page. But if I try to change the DocumentRoot to the location where the files for the site are stored on the Windows side:

DocumentRoot /mnt/c/YOUR_WINDOWS_USERNAME/dev/www/example.com/public_html

If I load https://localhost in the browser, I get "Connection failed: No such file or directory" (there is both an index.php and index.html file inside this folder just to be sure).

Any idea why it is unable to load the files from that DocumentRoot location?

It does not help if I also change the following as well to the correct locations of the certificate and key:

SSLCertificateFile     /mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert/localhost+3.pem
SSLCertificateKeyFile  /mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert/localhost+3-key.pem

When I restart Apache, it loads fine, so I know I'm entering the directory paths correctly and to folders that exist.

But my real goal is to be able to use the HTTPS versions of websites with custom domains, like https://example.com.

I ran the following to create my certificate and key files and confirmed they were created:

mkcert example.com

I have my Windows Hosts file configured:

127.0.0.1   example.com
127.0.0.1   www.example.com

And the following example.com.conf is enabled:

<VirtualHost *:80>
  ServerName example.com
  ServerAlias www.example.com
  ServerAdmin webmaster@localhost
  DocumentRoot /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/public_html
  ErrorLog /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/logs/error.log
  CustomLog /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/logs/access.log combined

  <Directory /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/public_html>
    Require all granted
  </Directory>
</VirtualHost>

And the following example.com.ssl.conf is enabled:

<IfModule mod_ssl.c>
  <Directory /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/public_html>
    Require all granted
    DirectoryIndex index.php index.html
  </Directory>
  <VirtualHost example.com:443>
    SSLEngine on
    SSLCertificateFile    /mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert/example.com.pem
    SSLCertificateKeyFile /mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert/example.com-key.pem
    ServerName example.com
    ServerAlias www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/public_html

    ErrorLog /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/logs/error.log
    CustomLog /mnt/c/Users/YOUR_WINDOWS_USERNAME/dev/www/example.com/logs/access.log combined

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>
    </VirtualHost>
</IfModule>

And if I try to load example.com or https://example.com in the browser, in Chrome I get the "This site can't be reached / ERR_CONNECTION_REFUSED" error and in Firefox it's the "Unable to connect" error.

Any help that anyone could offer on this would be really appreciated. I'm honestly about to pull out my non-existent hair (I'm bald) and then put my head through my monitor at this point.

Note for the file paths below: YOUR_WINDOWS_USERNAME is just a placeholder I'm using and I've entered my correct windows username in the paths on my end.

** UPDATE **

Changing the hosts file to:

127.0.0.1   example.com
127.0.0.1   www.example.com

::1         example.com
::1         www.example.com

and changing the DocumentRoot (and all other file paths) to a location on the WSL side of things:

DocumentRoot /home/LINUX_USERNAME/dev/www/example.com/public_html

Has allowed the Apache2/Ubuntu Default page to load. But it's not loading the actual content of the index.php file in the public_html folder. If I view https://example.com/index.php I get a Not Found error.

Thanks for any help!

Upvotes: 4

Views: 4323

Answers (1)

mister_cool_beans

Reputation: 1533

To answer your question, a new install of Apache typically comes with 10-year self-signed SSL certs (snakeoil). This is why your browser is already detecting an SSL certificate.

The pre-installed self-signed certs are detailed in the config code below.

SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

Upvotes: 2
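
An added example, not part of the question or the answer above: a small shell check that reads a vhost file, reports whether each DocumentRoot, SSLCertificateFile and SSLCertificateKeyFile path exists, and flags the stock snakeoil certificate the answer describes. The function names `audit_vhost` and `demo` are hypothetical, the sample config is constructed, and the snakeoil flag is a filename match only.

```bash
#!/usr/bin/env bash
# Added example: list the filesystem paths a vhost file depends on and report
# whether each exists. "SNAKEOIL" is a filename match only, not a cert parse.

# audit_vhost CONF: prints "STATUS Directive path" for each path directive;
# returns 1 if any referenced path is missing.
audit_vhost() {
    local conf="$1" rc=0 directive path status
    while read -r directive path _ || [ -n "$directive" ]; do
        case "$directive" in
            DocumentRoot|SSLCertificateFile|SSLCertificateKeyFile) ;;
            *) continue ;;
        esac
        path=${path%\"}; path=${path#\"}   # drop optional surrounding quotes
        status=OK
        if [ ! -e "$path" ]; then
            status=MISSING; rc=1
        elif [ "$directive" = SSLCertificateFile ]; then
            case "$path" in *snakeoil*) status=SNAKEOIL ;; esac
        fi
        printf '%s %s %s\n' "$status" "$directive" "$path"
    done < "$conf"
    return "$rc"
}

# Constructed sample: a temp tree holding a snakeoil-named cert and key, and a
# vhost whose DocumentRoot does not exist. The temp prefix is shown as TMP.
demo() {
    local d; d=$(mktemp -d)
    touch "$d/ssl-cert-snakeoil.pem" "$d/ssl-cert-snakeoil.key"
    cat > "$d/site.conf" <<EOF
<VirtualHost _default_:443>
    DocumentRoot $d/missing/public_html
    SSLEngine on
    SSLCertificateFile  $d/ssl-cert-snakeoil.pem
    SSLCertificateKeyFile $d/ssl-cert-snakeoil.key
</VirtualHost>
EOF
    audit_vhost "$d/site.conf" | sed "s|$d|TMP|"
    rm -rf "$d"
}

demo
```

To check a real site, call `audit_vhost` on the enabled vhost file, for example the example.com.ssl.conf from the question. A path that exists but is not readable by the Apache user still reports OK, since only existence is tested.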
