Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Updating virtual host

Seting up a virtual host with https(SSL) in Apache on Mac and Windows

Related links:

  1. Uncomment vhost and ssl lines in httpd.conf:

    #Include /private/etc/apache2/extra/httpd-vhosts.conf (mac)
    #Include conf/extra/httpd-vhosts.conf (windows)
    
    #LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
    #LoadModule ssl_module libexec/apache2/mod_ssl.so
    
    #Include /private/etc/apache2/extra/httpd-ssl.conf
    
  2. Create a myopenssl.cnf file (at /etc/apache2 on mac and at C:\Apache24\conf on windows) with following content and add a DNS entry under [alt_names] for your site:

    [req]
    default_bits = 2048
    distinguished_name = req_distinguished_name
    x509_extensions = v3_req
    prompt = no
    
    [req_distinguished_name]
    C = CA
    ST = ON
    L = MyTown
    O = MyCompany
    OU = IT
    CN = localhost.local
    
    [v3_req]
    extendedKeyUsage = serverAuth
    subjectAltName = @alt_names
    
    [alt_names]
    DNS.1 = localhost.local
    DNS.2 = mysite.local  
    
  3. Run below command (in mac use sudo) to generate server.key and server.crt files:

    openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt -config myopenssl.cnf -extensions 'v3_req'
    
    
  4. (Mac only) Add the SSL Certificate to Keychain Access:

    sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /etc/apache2/server.crt
    
    
  5. (Windows only) Add the certificate as trusted certificate on the local machine, so the browser would not give error on the certificate. In Windows (IE/Edge/Chrome):

     right click on certificate (i.e server.crt)
     install Certificate
     Current User (use Local Machine if you use multiple users on the same machine)
     Place all certificates in the following store, Browse
     Trusted Root Certificate Authorities
     Finish
    
  6. Add a a virtual host for your site to httpd-vhosts.conf, in mac located at: /etc/apache2/extra/httpd-vhosts.conf, use backslash in windows):

    <VirtualHost *:80>
        ServerName mysite.local
        Redirect / https://mydomain.local/
    </Virtualhost>
    
    <VirtualHost *:443>
        ServerName mysite.local
        DocumentRoot "/Users/sm/Documents/mysite/app"
    
    	SSLEngine on
    	SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    	SSLCertificateFile /etc/apache2/server.crt
    	SSLCertificateKeyFile /etc/apache2/server.key
    
    	<Directory "/Users/sm/Documents/mysite/app">
    		DirectoryIndex index.php
    		AllowOverride All
    		Require all granted
    	</Directory>
    </Virtualhost>
    
  7. Add the following to hosts file (located at /etc on Mac and at C:\Windows\System32\drivers\etc\hosts on windows)

    127.0.0.1	localhost
    127.0.0.1   mysite.local
    
  8. Restart apache

    sudo apachectl restart (mac)
    httpd.exe (win)
    
@sagarguhe

This comment has been minimized.

Copy link

@sagarguhe sagarguhe commented Mar 22, 2021

Nice! this works without any warning in chrome, but Firefox throws warning of untrusted certificate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment