Skip to main content
Bearsampp includes OpenSSL support for generating self-signed SSL certificates, so you can test your projects over https:// on your local machine without buying a certificate or setting up a certificate authority. Certificates are created automatically when you add a virtual host, or you can generate them manually at any time.

Automatic SSL for virtual hosts

When you create a virtual host using Apache → Add a virtual host, Bearsampp generates an SSL certificate for that domain in the same step. By the time Apache restarts, the virtual host is already configured for both HTTP and HTTPS. No extra action is needed. You can access your site at:
  • http://myproject.local
  • https://myproject.local
Apache listens on port 443 for HTTPS by default. You can change this from the tray menu under Apache → Change port.

Generate an SSL certificate manually

If you need a certificate outside the virtual host workflow — for example, for a specific hostname or a custom destination — you can generate one manually.
1

Open the certificate generator

Right-click the tray icon, hover over Apache, and click Generate SSL certificate.
2

Enter a name

Type the name for the certificate in the Name field. This becomes the filename and the Common Name (CN) of the certificate — for example, myproject.local.
3

Choose a destination

The destination defaults to bearsampp/ssl/. Click Browse to choose a different folder if needed.
4

Save the certificate

Click Save. Bearsampp creates two files in the destination folder:
  • name.crt — the certificate file
  • name.key — the private key file
A confirmation dialog appears when the files are ready.

SSL certificate storage

All certificates generated by Bearsampp are stored in the bearsampp/ssl/ folder by default. This includes certificates created automatically for virtual hosts and any certificates you generate manually.

Trusting self-signed certificates in your browser

Because Bearsampp generates self-signed certificates, your browser will show a security warning the first time you visit an HTTPS local address.

Bypass in Chrome or Edge

Click Advanced on the warning page, then click Proceed to [site] (unsafe). The site loads and the warning won’t appear again until the certificate changes.

Add to Windows certificate store

For full trust without warnings in all browsers, import the .crt file into the Windows Certificate Store under Trusted Root Certification Authorities. Open the .crt file and follow the certificate import wizard.
Firefox manages its own certificate store separately from Windows. To avoid warnings in Firefox, you must import the certificate directly in Firefox under Settings → Privacy & Security → Certificates → View Certificates → Import.
If you’re switching between projects frequently, importing the certificate into the Windows store once per virtual host saves time compared to clicking through the browser warning repeatedly.