Click here to Skip to main content
Click here to Skip to main content

Configure apache localhost to use secure HTTP (HTTPS) using mod_ssl

, 12 Aug 2011
Rate this:
Please Sign up or sign in to vote.
How to set up Apache 2.2 on MacOS to test websites with self generated certificates in order to verify settings for secure HTTP (HTTPS)
For all those who want to test their website on localhost using the secure HTTP protocol, here is how you can configure apache for testing purpose. I did this on Mac OSX 10.6 using apache 2.2
 
Guidelines provided at apple [^] are for older version. We'll use them to generate the certificate and then configure apache for newer version.
> mkdir ~/keys
> cd ~/keys
> openssl genrsa -des3 -out server.key 1024
Remember the passphrase you provide here. It will be required in next steps.
> openssl req -new -key server.key -out server.csr
Answers to all questions are straight-forward, except for Common Name: you need to provide 127.0.0.1 (i.e. server name)
> openssl genrsa -des3 -out ca.key 1024
For simplicity, keep the passphrase same as used above
> openssl req -new -x509 -days 365 -key ca.key -out ca.crt
This again asks same Questions as in step 4, but this time for Common Name you can provide any dummy name
 
Find sign.sh file if you have mod_ssl package downloaded, or else retrieve it from pkg.contrib folder from latest version of package. Copy the sign.sh to "keys" folder and make it executable
>chmod +x sign.sh
>./sign.sh server.csr
Say yes ("y") to the 2 questions
>sudo mkdir /etc/apache2/ssl.key
>sudo cp -r * /etc/apache2/ssl.key/
 
>cd /etc/apache2/ssl.key/
>sudo cp server.key server.key.original
 
>sudo openssl rsa -in server.key.original -out server.key
 
>sudo apachectl stop
 
>sudo vim /etc/apache2/httpd.conf
* You may want to make a backup before editing this
 
- Locate and comment out Port directive to listening on 80
*Note - Commenting this line will force to use only https, leave it as is if you want to use both.
 
- Locate and uncomment the LoadModule ssl_module libexec/apache2/mod_ssl.so
- sudo vim /etc/apache2/extra/httpd-ssl.conf
* Again make a backup before editing
 
- Change ServerName from www.example.com to 127.0.0.1
- Provide your email id for ServerAdmin
 
- Under SSLCertification, provide path to our own ssl certificate i.e. SSLCertificateFile "/private/etc/apache2/ssl.key/server.crt"
 
- Also, set ServerKey with: SSLCertificateKeyFile "/private/etc/apache2/ssl.key/server.key"
- You may also set the other paths as per requirement
> sudo httpd -D SSL
> sudo apachectl start
And you now have https://127.0.0.1 running

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Aniruddha Loya
Student EPFL
Switzerland Switzerland
After almost 4 years of experience varying from finance to building & running a startup... I decided to take a break, go back to college and be a (academic) student again.
However, I continue to do freelance work and am currently working on HTML5 games for Code-Heads, a UK based studio.
http://aniruddhaloya.blogspot.com
Follow on   Twitter

Comments and Discussions

 
-- There are no messages in this forum --
| Advertise | Privacy | Mobile
Web01 | 2.8.140721.1 | Last Updated 12 Aug 2011
Article Copyright 2011 by Aniruddha Loya
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid