Click here to Skip to main content
15,887,746 members
Articles / Web Development / Apache
Tip/Trick

Configure apache localhost to use secure HTTP (HTTPS) using mod_ssl

Rate me:
Please Sign up or sign in to vote.
5.00/5 (1 vote)
12 Aug 2011CPOL1 min read 37.8K   4  
How to set up Apache 2.2 on MacOS to test websites with self generated certificates in order to verify settings for secure HTTP (HTTPS)
For all those who want to test their website on localhost using the secure HTTP protocol, here is how you can configure apache for testing purpose. I did this on Mac OSX 10.6 using apache 2.2

Guidelines provided at apple [^] are for older version. We'll use them to generate the certificate and then configure apache for newer version.
> mkdir ~/keys
> cd ~/keys
> openssl genrsa -des3 -out server.key 1024

Remember the passphrase you provide here. It will be required in next steps.
> openssl req -new -key server.key -out server.csr
Answers to all questions are straight-forward, except for Common Name: you need to provide 127.0.0.1 (i.e. server name)
> openssl genrsa -des3 -out ca.key 1024

For simplicity, keep the passphrase same as used above
> openssl req -new -x509 -days 365 -key ca.key -out ca.crt

This again asks same Questions as in step 4, but this time for Common Name you can provide any dummy name

Find sign.sh file if you have mod_ssl package downloaded, or else retrieve it from pkg.contrib folder from latest version of package. Copy the sign.sh to "keys" folder and make it executable
>chmod +x sign.sh
>./sign.sh server.csr

Say yes ("y") to the 2 questions
>sudo mkdir /etc/apache2/ssl.key
>sudo cp -r * /etc/apache2/ssl.key/

>cd /etc/apache2/ssl.key/
>sudo cp server.key server.key.original

>sudo openssl rsa -in server.key.original -out server.key

>sudo apachectl stop

>sudo vim /etc/apache2/httpd.conf
* You may want to make a backup before editing this

- Locate and comment out Port directive to listening on 80
*Note - Commenting this line will force to use only https, leave it as is if you want to use both.

- Locate and uncomment the LoadModule ssl_module libexec/apache2/mod_ssl.so
- sudo vim /etc/apache2/extra/httpd-ssl.conf

* Again make a backup before editing

- Change ServerName from www.example.com to 127.0.0.1
- Provide your email id for ServerAdmin

- Under SSLCertification, provide path to our own ssl certificate i.e. SSLCertificateFile "/private/etc/apache2/ssl.key/server.crt"

- Also, set ServerKey with: SSLCertificateKeyFile "/private/etc/apache2/ssl.key/server.key"
- You may also set the other paths as per requirement
> sudo httpd -D SSL
> sudo apachectl start

And you now have https://127.0.0.1 running

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Student EPFL
Switzerland Switzerland
After almost 4 years of experience varying from finance to building & running a startup... I decided to take a break, go back to college and be a (academic) student again.
However, I continue to do freelance work and am currently working on HTML5 games for Code-Heads, a UK based studio.
http://aniruddhaloya.blogspot.com

Comments and Discussions

 
-- There are no messages in this forum --