«
»

Getting MAMP working with SSL on OS X

At Webopius we develop a fair number of e-Commerce based sites, all of which use Secure Sockets Layer (SSL) to ensure the security of personal information entered and communicated via the browser.

In many cases, we have a live site deployed and we have a development environment running locally within a Mac OS X based system running MAMP (www.mamp.info). Normally, MAMP doesn’t have the configuration settings to allow Apache to run with SSL support so this guide is intended to show you how to change that and run a functional site with support for both http:// and https:// connections using MAMP.

What we will be doing is configuring MAMP to use ports 80 (http) and 443 (SSL) rather than the 8888 port it uses as standard. We will also be changing the configuration to allow you to stop and start both http and https services using the standard MAMP console rather than having to use the command line.

Step 1: Backup!

Before making any changes to MAMP, please backup your MAMP install. At the very minimum, take copies of the conf/apache/httpd.conf and conf/apache/ssl.conf files as we will be editing these.

Step 2: Stop any other web server running on your machine

Because we are going to change the port that MAMP uses for http traffic (usually 8888), you need to make sure that no other process is currently using ports 80 and 443. You can check this by typing netstat at the terminal. The usual suspect is the Mac’s own apache server which you will need to stop if it is running.

Step 3. Create a self signed SSL certificate

For development purposes, you need to create an SSL certificate. Of course for your live commercial site, you will need to purchase an authenticated certificate (we use Comodo SSL for ours) but for development purposes you can create your own free SSL certificate as follows:

Generate a private key

From the OS X terminal, type:

openssl genrsa -des3 -out server.key 1024
enter a password (twice)

Generate Certificate Signing Request (CSR)

openssl req -new -key server.key -out server.csr
enter the password you used above for the server key

Now, answer the questions it asks you, an example is shown below. The MOST important field is the Common Name which must match the domain name you are using locally (e.g. dev.mysite.com)


Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Surrey
Locality Name (eg, city) []:Richmond
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Webopius Ltd
Organizational Unit Name (eg, section) []:Development
Common Name (eg, YOUR name) []:dev.mywebsite.com
Email Address []:sales@webopius.com
A challenge password []:
An optional company name []:

(We left the challenge password blank)

Generate the Certificate

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
enter the password you used for the private key

Remove password from the server key

cp server.key server.tmp
openssl rsa -in server.tmp -out server.key

Move the Certificate and key into the MAMP configuration

mkdir /Applications/MAMP/conf/ssl
cp server.crt /Applications/MAMP/conf/ssl
cp server.key /Applications/MAMP/conf/ssl

Step 5. Edit MAMP Apache Configuration to support SSL

What we will do now, is tell MAMP to support SSL each time that it starts. Normally, you would tell Apache to to this from the command line by typing apachectl startssl but we need the convenience of starting MAMP from the standard MAMP dashboard or application window.

Edit the MAMP ssl.conf file (/Applications/MAMP/conf/apache/ssl.conf)

- Comment out the line that looks for SSL being defined  (change <IfDefine SSL> to #<IfDefine SSL>)

- Comment out the closing define  (change </IfDefine SSL> to #</IfDefine SSL>)

- Change the SSLCertificateFile entry to: SSLCertificateFile /Applications/MAMP/conf/ssl/server.crt
- Change the SSLCertificateKeyFile entry to: SSLCertificateKeyFile /Applications/MAMP/conf/ssl/server.key

- [optionally] add a VirtualHost entry for your website (after the existing VirtualHost section) as follows:

<VirtualHost dev.puddingclub.com:443>
DocumentRoot [directory location of mywebsite]
ServerName dev.mywebsite.com
SSLEngine on
SSLCertificateFile /Applications/MAMP/conf/ssl/server.crt
SSLCertificateKeyFile /Applications/MAMP/conf/ssl/server.key
</VirtualHost>

Step 6. Edit MAMP Apache HTTP Configuration to use SSL as standard

Finally, we will edit the MAMP http configuration to listen on ports 80 and 443 (rather than 8888), include the SSL configuration and listed to the SSL ports by default.

Edit the MAMP httpd.conf file (/Applications/MAMP/conf/apache/httpd.conf)

- Change ‘Listen’ to: Listen 127.0.0.1:80 (rather than 8888)
- Load SSL as standard by commenting out the define SSL statements as you did previously: <IfDefine SSL> and </IfDefine SSL>
- Change ‘ServerName’ to: ServerName localhost:80 (rather than 8888)

Remove or change any references in your Virtual Hosts to port 8888 to port 80.

Step 7. Restart Apache

Finally, stop the existing MAMP Apache process and restart.

You *should* now be able to view http://www.yoursite.com AND https://www.yoursite.com.

Tags: , , ,

This entry was posted on Tuesday, October 13th, 2009 at 11:05 am and is filed under Tips. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

6 Responses to “Getting MAMP working with SSL on OS X”

  1. Set SSL connection (https) for the MAMP Moodle Package at Moodle, IT and me says:
    November 25, 2009 at 2:54 am

    [...] follow all the steps on this page: http://www.webopius.com/content/355/getting-mamp-working-with-ssl-on-os-x. This will not be enough to make Moodle works straight, that’s why I’m writing this [...]

  2. Topix says:
    November 26, 2009 at 5:18 pm

    Thanks for the tips – getting SSL in MAMP has always been something to try and give up on ;-)

    One thing you might add …

    If you’re using MAMP Pro (rather than the free version of MAMP) then the httpd.conf file needs to be edited via the MAMP Pro control panel (File->Edit Template->httpd.conf) rather directly in the MAMP folder, since the master httpd.conf file overrides the local one when MAMP Pro starts up.

    Also use ‘localhost’ rather than ‘127.0.0.1′ (no quotes) since that’s already set up as the host name in MAMP Pro.

    Many thanks for your walk-through though – very helpful :-)

  3. Dee says:
    April 3, 2010 at 12:38 am

    An alternative that follows many of the same ideas but also introduces some earier steps.

    Getting SSL to work with MAMP Pro -> http://www.rockettheme.com/blog/coding/310-getting-ssl-to-work-with-mamp-pro

  4. Martin says:
    April 15, 2010 at 2:33 pm

    Followed all the steps but no go.
    Maybe they did something different in the 1.8.4 version.

    ssl_error_rx_record_too_long… :-(

  5. Al says:
    June 21, 2010 at 10:24 am

    I found that after following this SSL pages had a 404 error. It turned out the document root under SSL was wrong.

    A quick fix was to make a symlink to where Apache thought it should be.

    ln -s /Users/{username}/Sites/ /Applications/MAMP/htdocs_ssl

  6. Z says:
    June 30, 2010 at 7:07 pm

    Hi
    I tried following the instructions here for the free version of MAMP but it gives the error

    test$ ./startApache.sh
    httpd (no pid file) not running
    (13)Permission denied: make_sock: could not bind to address [::]:443
    no listening sockets available, shutting down
    Unable to open logs

    Could someone share a working sample for this ?
    Any help is appreciated.
    Thanks

Leave a Reply