Super simple local wildcard SSL!

For use with MAMP

Categories: General

Working locally most of the time a secure site won’t be necessary but from time to time you will require a secure connection. Such as working with oAuth providers, and making sure that you don’t serve any mixed assets.

Previously I used OpenSSL locally on my Mac, and it was… OK, but it was sort of complicated and involved a lot of copy and paste.

To get started let’s start off by installing mkCert using HomeBrew. Create a new folder in your Sites directory called SSL, and navigate your way there in the terminal.

brew install mkcert
brew install nss # if you use Firefox

mkcert -install

mkcert site.local '*.site.local'

That was it! Your certificate is is ready to go, but now what?

Configure MAMP

Open /Applications/MAMP/conf/apache/httpd.conf and search for # Virtual hosts.

Add a line under httpd-vhosts.conf called httpd-secure-vhosts.conf.

Open /Applications/MAMP/conf/apache/httpd-secure-vhosts.conf and add the following, changing the names and paths to reflect your needs.

NameVirtualHost *:443

<VirtualHost *:443>
	ServerName site.local
    ServerAlias *.site.local
    ServerAlias dev.smi
    ServerAlias *.dev.smi

	DocumentRoot "/Users/{username}}/Sites/web_path/"

    <IfModule xsendfile_module>
        XSendFilePath "/Users/{username}}/Sites/web_path/"

    SSLEngine on


    ErrorLog "/Applications/MAMP/logs/apache_ssl_error.log"
    TransferLog "/Applications/MAMP/logs/apache_ssl_access.log"
    CustomLog "/Applications/MAMP/logs/apache_ssl_request.log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    SSLCertificateFile "/Users/{username}}/Sites/ssl/site.local+1.pem"
    SSLCertificateKeyFile "/Users/{username}}/Sites/ssl/site.local+1-key.pem"

    SSLSessionTickets on

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars

    <Directory "/Applications/MAMP/Library/cgi-bin">
        SSLOptions +StdEnvVars

    BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

	<Directory "/Users/{username}}/Sites/web_path/">
		Options Includes FollowSymLinks ExecCGI
		AllowOverride All
		Order allow,deny
        Allow from all



Open /Applications/MAMP/conf/apache/httpd.conf again and look for Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf and uncomment that line.

I personally remove the VirtualHost from this file and leave it the httpd-secure-vhosts.conf file that we previously created.

By creating a wild card certificate you can simply add every new local site under that subdomain if you so choose.

Adam Patterson

Adam Patterson

User Interface Designer & Developer with a background in UX. I have spent 5 years as a professionally certified bicycle mechanic and ride year-round.

I am a husband and father of two, I enjoy photography, music, movies, coffee, and good food.

You can find me on Twitter, Instagram, and YouTube!