I’m doing a fair deal of development in the area of RESTFul API features, all of which use Secure Sockets Layer (SSL) to ensure the security of personal information being transmitted over the internet.
I have my development environment running locally within a Mac OS X based system running MAMP. When you install MAMP default configuration is applied and doesn’t have the configuration settings to allow Apache to run with SSL support so this guide is intended to show you how to change that and run as localhost with support for both http:// and https:// connections.
This guide will tell you how to configure MAMP to use ports 80 (http) and 443 (SSL). We will also be changing the configuration to allow you to stop and start both http and https services using the standard MAMP console rather than having to use the command line.
Before you start anything backup your apache conf/apache/httpd.conf and conf/apache/extra/httpd-ssl.conf files as we will be editing these, so you are aware I have my MAMP installed on my Mac OS X at /Applications/MAMP/, so all reference will be accordingly to that location, you may have installed i in a different location, so lets get started.
Step 1: Stop any other web server running on your machine
Because we are going to change the port that MAMP uses for https traffic, you need to make sure that no other process is currently using ports 80 and 443. You can check this by typing netstat at the terminal.
Step 2. Create a self-signed SSL certificate
For development purposes, you need to create an SSL certificate. Of course for your production environment, you will need to purchase an authenticated certificate, for development purposes you can create your own free SSL certificate as follows:
Generate a private key
From the iTerm, type:
openssl genrsa -des3 -out server.key 1024 enter a password (twice) Generate Certificate Signing Request (CSR) openssl req -new -key server.key -out server.csr enter the password you used above for the server key
You will need to answer the questions it asks you, an example is shown below. The MOST important field is the Common Name which must match the domain name you are using locally (e.g. localhost)
Country Name (2 letter code) [AU]:NL State or Province Name (full name) [Some-State]:Noord Holland Locality Name (eg, city) :Amsterdam Organization Name (eg, company) [Internet Widgits Pty Ltd]:Thunderbear Design Organizational Unit Name (eg, section) :Development Common Name (eg, YOUR name) :localhost Email Address :[email protected] A challenge password : An optional company name :
(You can leave the challenge password blank)
Generate the Certificate
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt enter the password you used for the private key
Remove password from the server key
cp server.key server.tmp openssl rsa -in server.tmp -out server.key
Move the Certificate and key into the MAMP configuration
cp server.crt /Applications/MAMP/conf/apache cp server.key /Applications/MAMP/conf/apache
Step 3. Edit MAMP Apache Configuration to support SSL
Tell MAMP to support SSL each time that it starts. Normally, you would tell Apache to do this from the command line by typing apachectl startssl but we need the convenience of starting MAMP from the standard MAMP dashboard or application window.
Edit the MAMP httpd.conf file (/Applications/MAMP/conf/apache/httpd.conf)
- Comment out the line that looks for SSL secure connection
# Secure (SSL/TLS) connections Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
Edit the MAMP httpd-ssl.conf file (/Applications/MAMP/conf/apache/extra/httpd-ssl.conf)
Check the VirtualHost settings
# General setup for the virtual host DocumentRoot "/Applications/MAMP/htdocs" ServerName localhost:443 ServerAdmin [email protected] ErrorLog "/Applications/MAMP/Library/logs/error_log" TransferLog "/Applications/MAMP/Library/logs/access_log"
Validate that your generate certificate files are correctly configured.
SSLCertificateFile /Applications/MAMP/conf/apache/server.crt SSLCertificateKeyFile /Applications/MAMP/conf/apache/server.key
Step 4. Restart Apache
Finally, stop the existing MAMP Apache process and restart.
You should now be able to view http://localhost AND https://localhost.