• 131
• 255
• 14

How to get SSL working on MAMP for OS X

by bernt & torsten

I’m doing a fair deal of development in the area of RESTFul API  features, all of which use Secure Sockets Layer (SSL) to ensure the security of personal information being transmitted over the internet.

I have my development environment running locally within a Mac OS X-based system running MAMP. When you install MAMP default configuration is applied and doesn’t have the configuration settings to allow Apache to run with SSL support so this guide is intended to show you how to change that and run as localhost with support for both HTTP:// and HTTPS:// connections.

This guide will tell you how to configure MAMP to use ports 80 (HTTP) and 443 (SSL). We will also be changing the configuration to allow you to stop and start both HTTP and HTTPS services using the standard MAMP console rather than having to use the command line.

Before you start anything backup your apache conf/apache/httpd.conf and conf/apache/extra/httpd-ssl.conf files as we will be editing these, so you are aware I have my MAMP installed on my Mac OS X at /Applications/MAMP/, so all reference will be accordingly to that location, you may have installed i in a different location, so let us get started.

Step 1: Stop any other web server running on your machine
Because we are going to change the port that MAMP uses for HTTPS traffic, you need to make sure that no other process is currently using ports 80 and 443. You can check this by typing netstat at the terminal.

Step 2. Create a self-signed SSL certificate
For development purposes, you need to create an SSL certificate. Of course for your production environment, you will need to purchase an authenticated certificate, for development purposes you can create your own free SSL certificate as follows:

Generate a private key

From the iTerm, type:

openssl genrsa -des3 -out server.key 1024
enter a password (twice)

Generate Certificate Signing Request (CSR)

openssl req -new -key server.key -out server.csr
enter the password you used above for the server key

You will need to answer the questions it asks you, an example is shown below. The MOST important field is the Common Name which must match the domain name you are using locally (e.g. localhost)

Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Noord Holland
Locality Name (eg, city) []:Amsterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Thunderbear Design
Organizational Unit Name (eg, section) []:Development
Common Name (eg, YOUR name) []:localhost
Email Address []:admin@localhost
A challenge password []:
An optional company name []:

(You can leave the challenge password blank)

Generate the Certificate

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
enter the password you used for the private key

Remove password from the server key

cp server.key server.tmp
openssl rsa -in server.tmp -out server.key

Move the Certificate and key into the MAMP configuration

cp server.crt /Applications/MAMP/conf/apache cp server.key /Applications/MAMP/conf/apache

Step 3. Edit MAMP Apache Configuration to support SSL
Tell MAMP to support SSL each time that it starts. Normally, you would tell Apache to do this from the command line by typing apachectl startssl but we need the convenience of starting MAMP from the standard MAMP dashboard or application window.

Edit the MAMP httpd.conf file (/Applications/MAMP/conf/apache/httpd.conf)

• Comment out the line that looks for SSL secure connection

# Secure (SSL/TLS) connections
Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf

Edit the MAMP httpd-ssl.conf file (/Applications/MAMP/conf/apache/extra/httpd-ssl.conf)

Check the VirtualHost settings

#   General setup for the virtual host
DocumentRoot "/Applications/MAMP/htdocs"
ServerName localhost:443
ServerAdmin admin@localhost
ErrorLog "/Applications/MAMP/Library/logs/error_log"
TransferLog "/Applications/MAMP/Library/logs/access_log"

Validate that your generated certificate files are correctly configured.

SSLCertificateFile /Applications/MAMP/conf/apache/server.crt
SSLCertificateKeyFile /Applications/MAMP/conf/apache/server.key

Step 4. Restart Apache
Finally, stop the existing MAMP Apache process and restart.

You should now be able to view http://localhost AND https://localhost.