These instructions will guide you through the process of setting up local, trusted websites on your own computer.
These instructions are intended to be used on Mac OSX Yosemite.
Within Terminal, start Apache.
sudo apachectl start
In a web browser, visit http://localhost. You should see a message stating that It works!.
Within Terminal, edit the Apache Configuration.
edit /etc/apache2/httpd.conf
Within your editor, uncomment line 160 and line 499 to enable Virtual Hosts.
LoadModule vhost_alias_module libexec/apache2/mod_vhost_alias.so
Include /private/etc/apache2/extra/httpd-vhosts.conf
Optionally, uncomment line 169 to enable PHP.
LoadModule php5_module libexec/apache2/libphp5.so
Within Terminal, edit the Virtual Hosts.
edit /etc/apache2/extra/httpd-vhosts.conf
Within your editor, add a Virtual Host on line 44, replacing indieweb with your user name.
<VirtualHost *:80>
ServerName localhost
DocumentRoot "/Users/indieweb/Sites/localhost"
<Directory "/Users/indieweb/Sites/localhost">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Within Terminal, restart Apache.
sudo apachectl restart
Within Terminal, Create a Sites directory, which will be the parent directory of many individual Site subdirectories.
mkdir ~/Sites
Next, create a localhost subdirectory within Sites, which will be our first site.
mkdir ~/Sites/localhost
Finally, create an HTML document within localhost.
echo "<h1>localhost works!</h1>" > ~/Sites/localhost/index.html
Now, in a web browser, visit http://localhost. You should see a message stating that localhost works!.
Within Terminal, create a SSL directory.
sudo mkdir /etc/apache2/ssl
Next, generate two Host keys, decrypting the later.
sudo openssl genrsa -out /etc/apache2/server.key 2048
sudo openssl genrsa -out /etc/apache2/ssl/localhost.key 2048
sudo openssl rsa -in /etc/apache2/ssl/localhost.key -out /etc/apache2/ssl/localhost.key.rsa
Next, create and edit an OpenSSL Configuration.
sudo touch /etc/apache2/localhost.conf
edit /etc/apache2/localhost.conf
Within your editor, add the following configuration.
[req]
default_bits = 1024
distinguished_name = req_distinguished_name
req_extensions = v3_req
[req_distinguished_name]
[v3_req]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
DNS.2 = *.localhost
Within Terminal, generate Certificate Requests using the OpenSSL Configuration, optionally replacing the defaults as you see fit.
sudo openssl req -new -key /etc/apache2/server.key -subj "/C=/ST=/L=/O=/CN=/emailAddress=/" -out /etc/apache2/server.csr
sudo openssl req -new -key /etc/apache2/ssl/localhost.key.rsa -subj "/C=US/ST=California/L=Orange/O=IndieWebCamp/CN=localhost/" -out /etc/apache2/ssl/localhost.csr -config /etc/apache2/ssl/localhost.cnf
Next, use the Certificate Requests to sign the SSL Certificates with extensions.
sudo openssl x509 -req -days 365 -in /etc/apache2/server.csr -signkey /etc/apache2/server.key -out /etc/apache2/server.crt
sudo openssl x509 -req -extensions v3_req -days 365 -in /etc/apache2/ssl/localhost.csr -signkey /etc/apache2/ssl/localhost.key.rsa -out /etc/apache2/ssl/localhost.crt -extfile /etc/apache2/ssl/localhost.cnf
Finally, add the later SSL Certificate to Keychain Access.
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /etc/apache2/ssl/localhost.crt
Within Terminal, edit the Apache Configuration.
edit /etc/apache2/httpd.conf
Within your editor, uncomment line 490 to enable Trusted Virtual Hosts.
Include /private/etc/apache2/extra/httpd-ssl.conf
Within Terminal, edit the Apache SSL Configuration file.
edit /etc/apache2/extra/httpd-ssl.conf
Within your editor, uncomment line 120 and 128.
SSLCertificateFile "/private/etc/apache2/server.crt"
SSLCertificateKeyFile "/private/etc/apache2/server.key"
Within Terminal, edit the Virtual Hosts file.
edit /etc/apache2/extra/httpd-vhosts.conf
Within your editor, add a 443 VirtualHost Name and localhost Directive on line 56, replacing indieweb with your user name.
NameVirtualHost *:443
<VirtualHost *:443>
ServerName localhost
DocumentRoot "/Users/indieweb/Sites/localhost"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /private/etc/apache2/ssl/localhost.crt
SSLCertificateKeyFile /private/etc/apache2/ssl/localhost.key
<Directory "/Users/indieweb/Sites/localhost">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Within Terminal, restart Apache.
sudo apachectl restart
Now, in a web browser, visit https://localhost. The domain should appear trusted, and you should see a message stating that localhost works!.