Thursday, May 18, 2017

Local SSL Websites on Mac OS X


These instructions will guide you through the process of setting up local, trusted websites on your own computer.

Configuring SSL

Within Terminal, create an SSL directory.
sudo mkdir /etc/apache2/ssl
Next, generate a private key and certificate for your site.
sudo openssl genrsa -out /etc/apache2/ssl/localhost.key 2048
sudo openssl req -new -x509 -key /etc/apache2/ssl/localhost.key -out /etc/apache2/ssl/localhost.crt -days 3650 -subj /CN=localhost
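Finally, add the certificate to Keychain Access. The -d and -r trustRoot options make it a trusted root in the system-wide trust settings, so keep localhost.key readable only by root.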
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /etc/apache2/ssl/localhost.crt
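
The certificate generated above names the host only in its Common Name, and Chrome 58 and later match hostnames against subjectAltName only, so they reject it. The following is an added example, not part of the original instructions, that issues the key and certificate with a SAN and checks the result; the function names, the localhost.cnf file and the output directory are assumptions.

```shell
#!/bin/sh
# Added example: issue a localhost certificate that carries a subjectAltName.
# Usage (illustrative): make_localhost_cert /etc/apache2/ssl

# make_localhost_cert DIR [DAYS] -> writes DIR/localhost.key and DIR/localhost.crt
make_localhost_cert() {
    dir=$1
    days=${2:-3650}   # same lifetime the guide uses
    mkdir -p "$dir" || return 1
    # Minimal request config: CN plus the SAN entries browsers actually check.
    cat > "$dir/localhost.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions    = v3
prompt             = no

[dn]
CN = localhost

[v3]
subjectAltName   = DNS:localhost, IP:127.0.0.1
extendedKeyUsage = serverAuth
EOF
    # umask 077 keeps the private key unreadable by other users.
    ( umask 077 && openssl genrsa -out "$dir/localhost.key" 2048 ) 2>/dev/null || return 1
    openssl req -new -x509 -sha256 -key "$dir/localhost.key" \
        -config "$dir/localhost.cnf" -days "$days" \
        -out "$dir/localhost.crt" || return 1
}

# cert_has_san CRT NAME -> exit 0 if NAME is listed as a DNS subjectAltName
cert_has_san() {
    openssl x509 -in "$1" -noout -text | grep -q -- "DNS:$2"
}

# cert_matches_key CRT KEY -> exit 0 if the certificate was issued for this key
cert_matches_key() {
    c=$(openssl x509 -in "$1" -noout -modulus | openssl sha256)
    k=$(openssl rsa  -in "$2" -noout -modulus | openssl sha256)
    [ "$c" = "$k" ]
}
```

Run it with sudo when writing to /etc/apache2/ssl, then add the resulting localhost.crt to the keychain with the same security command as above.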

Configuring SSL: Setting up a Trusted Virtual Host

Within Terminal, edit the Apache Configuration.
edit /etc/apache2/httpd.conf
Within the editor, uncomment lines 89 and 143 to enable modules required by HTTPS.
LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
LoadModule ssl_module libexec/apache2/mod_ssl.so
Next, uncomment line 516 to enable Trusted Virtual Hosts.
Include /private/etc/apache2/extra/httpd-ssl.conf
Back in Terminal, edit the Virtual Hosts configuration.
edit /etc/apache2/extra/httpd-vhosts.conf
Within the editor, add a VirtualHost block for port 443 with localhost as its ServerName at the end of the file, replacing indieweb with your user name.
<VirtualHost *:443>
    ServerName localhost
    DocumentRoot "/Users/indieweb/Sites/localhost"

    SSLEngine on
    # Strong ciphers only: no anonymous, export, NULL or MD5-based suites
    SSLCipherSuite HIGH:!aNULL:!MD5
    SSLCertificateFile /etc/apache2/ssl/localhost.crt
    SSLCertificateKeyFile /etc/apache2/ssl/localhost.key

    <Directory "/Users/indieweb/Sites/localhost">
        Options Indexes FollowSymLinks
        AllowOverride All
        # Apache 2.4 access control (replaces the 2.2-style Order/Allow pair)
        Require all granted
    </Directory>
</VirtualHost>
Back in Terminal, edit the SSL configuration.
edit /private/etc/apache2/extra/httpd-ssl.conf
Next, comment out the following lines to skip the default Server Certificate and Server Private Key.
#SSLCertificateFile "/private/etc/apache2/server.crt"
#SSLCertificateKeyFile "/private/etc/apache2/server.key"
Next, beneath the commented-out lines, add references to your certificate and key.
SSLCertificateFile "/etc/apache2/ssl/localhost.crt"
SSLCertificateKeyFile "/etc/apache2/ssl/localhost.key"
Back in Terminal, restart Apache.
sudo apachectl restart
Now, in a web browser, visit https://localhost. The domain should appear trusted, and you should see a message stating that localhost works!
