For use with MAMP
Working locally most of the time a secure site won’t be necessary but from time to time you will require a secure connection. Such as working with oAuth providers, and making sure that you don’t serve any mixed assets.
Previously I used OpenSSL locally on my Mac, and it was… OK, but it was sort of complicated and involved a lot of copy and paste.
To get started let’s start off by installing mkCert using HomeBrew. Create a new folder in your Sites directory called SSL, and navigate your way there in the terminal.
brew install mkcert
brew install nss # if you use Firefox
mkcert -install
mkcert site.local '*.site.local'
That was it! Your certificate is is ready to go, but now what?
Configure MAMP
Open /Applications/MAMP/conf/apache/httpd.conf
and search for # Virtual hosts
.
Add a line under httpd-vhosts.conf
called httpd-secure-vhosts.conf
.
Open /Applications/MAMP/conf/apache/httpd-secure-vhosts.conf
and add the following, changing the names and paths to reflect your needs.
NameVirtualHost *:443
<VirtualHost *:443>
ServerName site.local
ServerAlias *.site.local
ServerAlias dev.smi
ServerAlias *.dev.smi
DocumentRoot "/Users/{username}}/Sites/web_path/"
<IfModule xsendfile_module>
XSendFilePath "/Users/{username}}/Sites/web_path/"
</IfModule>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ErrorLog "/Applications/MAMP/logs/apache_ssl_error.log"
TransferLog "/Applications/MAMP/logs/apache_ssl_access.log"
CustomLog "/Applications/MAMP/logs/apache_ssl_request.log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
SSLCertificateFile "/Users/{username}}/Sites/ssl/site.local+1.pem"
SSLCertificateKeyFile "/Users/{username}}/Sites/ssl/site.local+1-key.pem"
SSLSessionTickets on
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/Applications/MAMP/Library/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Directory "/Users/{username}}/Sites/web_path/">
Options Includes FollowSymLinks ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Open /Applications/MAMP/conf/apache/httpd.conf
again and look for Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
and uncomment that line.
I personally remove the VirtualHost from this file and leave it the httpd-secure-vhosts.conf
file that we previously created.
By creating a wild card certificate you can simply add every new local site under that subdomain if you so choose.