Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / web / Apache
 

Configure apache localhost to use secure HTTP (HTTPS) using mod_ssl

5.00/5 (1 vote)
12 Aug 2011CPOL1 min read 38K  
How to set up Apache 2.2 on MacOS to test websites with self generated certificates in order to verify settings for secure HTTP (HTTPS)
For all those who want to test their website on localhost using the secure HTTP protocol, here is how you can configure apache for testing purpose. I did this on Mac OSX 10.6 using apache 2.2

Guidelines provided at apple [^] are for older version. We'll use them to generate the certificate and then configure apache for newer version.
> mkdir ~/keys
> cd ~/keys
> openssl genrsa -des3 -out server.key 1024

Remember the passphrase you provide here. It will be required in next steps.
> openssl req -new -key server.key -out server.csr
Answers to all questions are straight-forward, except for Common Name: you need to provide 127.0.0.1 (i.e. server name)
> openssl genrsa -des3 -out ca.key 1024

For simplicity, keep the passphrase same as used above
> openssl req -new -x509 -days 365 -key ca.key -out ca.crt

This again asks same Questions as in step 4, but this time for Common Name you can provide any dummy name

Find sign.sh file if you have mod_ssl package downloaded, or else retrieve it from pkg.contrib folder from latest version of package. Copy the sign.sh to "keys" folder and make it executable
>chmod +x sign.sh
>./sign.sh server.csr

Say yes ("y") to the 2 questions
>sudo mkdir /etc/apache2/ssl.key
>sudo cp -r * /etc/apache2/ssl.key/

>cd /etc/apache2/ssl.key/
>sudo cp server.key server.key.original

>sudo openssl rsa -in server.key.original -out server.key

>sudo apachectl stop

>sudo vim /etc/apache2/httpd.conf
* You may want to make a backup before editing this

- Locate and comment out Port directive to listening on 80
*Note - Commenting this line will force to use only https, leave it as is if you want to use both.

- Locate and uncomment the LoadModule ssl_module libexec/apache2/mod_ssl.so
- sudo vim /etc/apache2/extra/httpd-ssl.conf

* Again make a backup before editing

- Change ServerName from www.example.com to 127.0.0.1
- Provide your email id for ServerAdmin

- Under SSLCertification, provide path to our own ssl certificate i.e. SSLCertificateFile "/private/etc/apache2/ssl.key/server.crt"

- Also, set ServerKey with: SSLCertificateKeyFile "/private/etc/apache2/ssl.key/server.key"
- You may also set the other paths as per requirement
> sudo httpd -D SSL
> sudo apachectl start

And you now have https://127.0.0.1 running

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Permalink

Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Article Copyright 2011 by Aniruddha Loya
Everything else Copyright © CodeProject, 1999-2024

Web01 2.8:2024-10-20:1