Skip to content

Instantly share code, notes, and snippets.

@evaqas

evaqas/mamp_ssl.md

Last active September 17, 2018 09:54
Show Gist options
  • Save evaqas/d5cb18d8dbf54f0534f99db745bb16a6 to your computer and use it in GitHub Desktop.
Save evaqas/d5cb18d8dbf54f0534f99db745bb16a6 to your computer and use it in GitHub Desktop.
Download ZIP
MAMP virtual hosts with SSL
Raw
mamp_ssl.md

Based on:

Generating a Certificate Authority

  1. Generate a private key:
openssl genrsa -des3 -out localhostCA.key 2048
  1. Generate a root certificate:
openssl req -x509 -new -nodes -key localhostCA.key -sha256 -days 1825 -out localhostCA.pem

Installing Your Root Certificate

  1. Cmd+Space for Spotlight Search
  2. Search for Keychain Access app
  3. File > Import Items...
  4. Import generated localhostCA.pem
  5. Double click (or right click > Get Info) on your root certificate
  6. Expand the Trust section
  7. Choose Always Trust for When using this certificate
  8. Close the window and enter your password when asked

Creating CA-Signed Certificates for Your Dev Sites

  1. Create a private key:
openssl genrsa -out domain.test.key 2048
  1. Create a Certificate Signing Request (CSR)
openssl req -new -key domain.test.key -out domain.test.csr
  1. Create a config file to define the Subject Alternative Name (SAN):
touch domain.test.ext
  1. Add the following contents to the domain.test.ext config file:
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = domain.test
  1. Create the certificate:
openssl x509 -req -in domain.test.csr -CA localhostCA.pem -CAkey localhostCA.key -CAcreateserial \
-out domain.test.crt -days 1825 -sha256 -extfile domain.test.ext
  1. Copy both the certificate and private key to MAMP Apache configuration folder:
cp domain.test.crt /Applications/MAMP/conf/apache
cp domain.test.key /Applications/MAMP/conf/apache

Configure Apache to use the certificate

  1. Open /Applications/MAMP/conf/apache/httpd.conf and uncomment Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
  2. Keep your virtual host in /Applications/MAMP/conf/apache/extra/httpd-vhosts.conf just the same
  3. At the top of /Applications/MAMP/conf/apache/extra/httpd-ssl.conf add the following lines:
# Ensure that Apache listens on port 443
Listen 443
    
# Listen for virtual host requests on all IP addresses
NameVirtualHost *:443

# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off
  1. Comment out the default <VirtualHost _default_:443></VirtualHost> ruleset
  2. Add your custom virtual host rules:
<VirtualHost *:443>
    DocumentRoot "/Applications/MAMP/htdocs/domain"
    ServerName domain.test
    SSLEngine on
    SSLCertificateFile "/Applications/MAMP/conf/apache/domain.test.crt"
    SSLCertificateKeyFile "/Applications/MAMP/conf/apache/domain.test.key"
</VirtualHost>
  1. Restart MAMP and your browser.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment