How to easily create an SSL certificate and configure it in Apache2 in Mac OS X?

49,352

For local development testing, a self-signed certificate is adequate. You can generate one with the OpenSSL kit like so:

Generating the private key:

openssl genrsa -des3 -out server.key 1024

Output:

Generating RSA private key, 1024 bit long modulus
.........................................................++++++
........++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:

Enter a passphrase for your private key.

Generating the CSR (certificate signing request):

openssl req -new -key server.key -out server.csr

It will request details like this:

Country Name (2 letter code) [GB]:
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

It's fairly straightforward; the common name is your server's hostname, as it says in brackets.

Generating the self-signed certificate:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Configuring SSL in httpd.conf for Apache:

SSLEngine on
SSLCertificateFile /path/to/generated/server.crt
SSLCertificateKeyFile /path/to/generated/server.key

(replace path appropriately with the path to your certificate and key)

Restart Apache:

apachectl restart

Apache will ask you for the passphrase to your key. If you think you will be shutting the server down a lot, you may want to remove the passphrase from the key so you can avoid entering it each time. If not, don't worry about it. If so, complete this step after step 2 (Generating the CSR):

cp server.key server.key.copy
openssl rsa -in server.key.copy -out server.key
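
The same key and certificate steps as one non-interactive script with checks to run before restarting Apache; this is an added example, not part of the original answer. It differs from the answer in using a 2048-bit key created without a passphrase and in adding a subjectAltName, which current browsers use for hostname matching instead of the Common Name. The function names and the req.cnf file are assumptions of this example.

```sh
#!/bin/sh
# Added example (function names are hypothetical; file names follow the answer).
# Usage: make_dev_cert ./certs localhost 365 && key_matches_cert ./certs

# make_dev_cert DIR HOST [DAYS]: unencrypted 2048-bit key + self-signed cert.
# The body is a subshell so the umask change does not leak into the caller.
make_dev_cert() (
    dir=$1; host=$2; days=${3:-365}
    umask 077                      # key must not be readable by other users
    mkdir -p "$dir" || exit 1
    # Constructed request config: no prompts, host in CN and subjectAltName.
    cat > "$dir/req.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3
prompt = no
[dn]
CN = $host
[v3]
subjectAltName = DNS:$host
basicConstraints = CA:FALSE
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$days" \
        -config "$dir/req.cnf" -keyout "$dir/server.key" -out "$dir/server.crt"
)

# Succeeds only if server.key and server.crt carry the same public key.
key_matches_cert() {
    k=$(openssl pkey -in "$1/server.key" -pubout 2>/dev/null)
    c=$(openssl x509 -in "$1/server.crt" -noout -pubkey 2>/dev/null)
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Succeeds only if HOST is an exact DNS entry in the subjectAltName.
cert_covers_host() {
    openssl x509 -in "$1/server.crt" -noout -text | tr ',' '\n' |
        sed 's/^ *//; s/ *$//' | grep -Fxq "DNS:$2"
}

# Succeeds only if the certificate is still valid DAYS days from now.
cert_valid_for_days() {
    openssl x509 -in "$1/server.crt" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# Succeeds only if the key file mode is exactly rw------- (0600).
key_is_owner_only() {
    [ "$(ls -l "$1/server.key" | cut -c1-10)" = "-rw-------" ]
}
```

Point SSLCertificateFile and SSLCertificateKeyFile at the generated server.crt and server.key once the checks succeed; a key stored without a passphrase is protected only by its file permissions.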

Author by

Daniel Cukier

Updated on September 17, 2022

Comments

  • Daniel Cukier, almost 2 years
    I'd like to use my Mac OS X with https for local development tests. How can I easily make Apache2 respond to ssl, just for test purposes - I don't want a real certificate, just a fake to make local https work
  • Daniel Cukier, over 14 years
    It's almost working for me. When I try to access some page in my Rails, using http the page exists, but when I use https, it returns page not found. Do you know what it could be?
  • John T, over 14 years
    Did you change your virtualhost to use https on port 443? It should look like this: <VirtualHost 192.168.1.100:443> SSLEngine On, etc.... </VirtualHost>
  • GordonM, over 12 years
    Thanks for this, I got an SSL cert working fine on Lion with this. Just thought I'd add a couple of points though that should make your life easier. Apple's Apache has a httpd-ssl.conf which is already set up to look in /private/etc/apache2 so if you put your server.* files there it's one less file to edit. Also, you need to edit httpd.conf because the line that includes httpd-ssl.conf is commented out by default. Finally, 365 days is a bit short, you might want to set a longer expiry date or you'll be doing it again next year (I used 3650)
  • mammadkoma, over 11 years
    If anyone has been having problems like I have, you'll be glad to find this link, which explains how to set up the virtualhost with virtualhostx correctly to work with ssl yellowrobot.heroku.com/blog/2012/01/22/…
  • Aldekein, over 10 years
    If it's your dev machine you probably would like to have private key without password: openssl rsa -in server.key -out server.nopass.key
  • i_a, over 8 years
    If using MAMP make sure /Applications/MAMP/conf/apache/extra/httpd-ssl.conf is properly configured. And check /Applications/MAMP/conf/apache/httpd.conf as well under <IfModule ssl_module>