Based on:
- https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/
- https://gist.github.com/jfloff/5138826#gistcomment-2131538
- https://gist.github.com/jfloff/5138826#gistcomment-2145381
- Generate a private key:
openssl genrsa -des3 -out localhostCA.key 2048
- Generate a root certificate:
openssl req -x509 -new -nodes -key localhostCA.key -sha256 -days 1825 -out localhostCA.pem
- Cmd+Space for Spotlight Search
- Search for Keychain Access app
- File > Import Items...
- Import generated localhostCA.pem
- Double click (or right click > Get Info) on your root certificate
- Expand the Trust section
- Choose Always Trust for When using this certificate
- Close the window and enter your password when asked
- Create a private key:
openssl genrsa -out domain.test.key 2048
- Create a Certificate Signing Request (CSR)
openssl req -new -key domain.test.key -out domain.test.csr
- Create a config file to define the Subject Alternative Name (SAN):
touch domain.test.ext
- Add the following contents to the
domain.test.ext
config file:
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = domain.test
- Create the certificate:
openssl x509 -req -in domain.test.csr -CA localhostCA.pem -CAkey localhostCA.key -CAcreateserial \
-out domain.test.crt -days 1825 -sha256 -extfile domain.test.ext
- Copy both the certificate and private key to MAMP Apache configuration folder:
cp domain.test.crt /Applications/MAMP/conf/apache
cp domain.test.key /Applications/MAMP/conf/apache
- Open /Applications/MAMP/conf/apache/httpd.conf and uncomment
Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
- Keep your virtual host in
/Applications/MAMP/conf/apache/extra/httpd-vhosts.conf
just the same - At the top of
/Applications/MAMP/conf/apache/extra/httpd-ssl.conf
add the following lines:
# Ensure that Apache listens on port 443
Listen 443
# Listen for virtual host requests on all IP addresses
NameVirtualHost *:443
# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off
- Comment out the default
<VirtualHost _default_:443></VirtualHost>
ruleset - Add your custom virtual host rules:
<VirtualHost *:443>
DocumentRoot "/Applications/MAMP/htdocs/domain"
ServerName domain.test
SSLEngine on
SSLCertificateFile "/Applications/MAMP/conf/apache/domain.test.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/domain.test.key"
</VirtualHost>
- Restart MAMP and your browser.