Drupal Developer Tips: Testing SSL with MAMP vhost

Submitted by Daniel Henry on 02/23/2013 - 10:23:am

Drupal 7 has made testing SSL cert on your local host a necessity as it introduced a bug that made SSL impossible without a core patch. Read drupal.org/project/securepages modules page for more info. Because of this bug, every time I update core or change the configuration I need to find a way to test SSL on my local system. Here is how I did it. 

Generate an self signed SSL cert. This cert will be considered a spoof or security risk on pretty much every browser but you know its only your local system so just accept the risk.

I found this code to generate a self signed cert from: http://www.emersonlackey.com/article/mamp-with-SSL-https

Generate a private key (will request a password twice):

  1. openssl genrsa -des3 -out server.key 1024

Generate certificate signing request (same password as above):

  1. openssl req -new -key server.key -out server.csr

Answer the questions:

  1. Country Name (2 letter code) [AU]: CA
  2. State or Province Name (full name) [Some-State]: Quebec
  3. Locality Name (eg, city) []: Montreal
  4. Organization Name (eg, company) [Internet Widgits Pty Ltd]: Your Company
  5. Organizational Unit Name (eg, section) []: Development
  6. Common Name (eg, YOUR name) []: localhost
  7. Email Address []: your_email@domain.com
  8. A challenge password []: # leave this empty
  9. An optional company name []: # leave this empty

Generate the certificate:

  1. openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Remove the password from the server key:

  1. cp server.key server.tmp
  2. openssl rsa -in server.tmp -out server.key

Move the certificate into your MAMP configuration folder
mkdir /Applications/MAMP/conf/SSL

  1. cp server.crt /Applications/MAMP/conf/apache/SSL
  2. cp server.key /Applications/MAMP/conf/apache/SSL

The post I mentioned above has some directions for setting up the localhost version of all of this but if you're using virtual hosts so run multiple local sites it’s not going to do the job. So here is how to do it more like the way it will be on your server.

Tell MAMP how to listen to the SSL port:
In the file /Applications/MAMP/conf/apache/httpd.conf Add the line:

  1. Listen 443
  2. after the line
  3. Listen 80

Then in your MAMP vhost file you should already have something pointing to your site like:

  1. <VirtualHost *:80>
  2.  ServerName mysite.local
  3.  ServerAdmin me@mysite.com
  4.  ServerAlias mobile.mysite.local
  5.  DocumentRoot "/Users/myusername/Sites/mysite.local"
  6. </VirtualHost>

Now just add the SSL port version of the vhost:

  1. <VirtualHost 127.0.0.1:443>
  2.  ServerName mysite.local
  3.  DocumentRoot "/Users/myusername/Sites/mysite.local"
  4.  SSLEngine on
  5.  SSLCertificateFile /Applications/MAMP/conf/apache/SSL/server.crt
  6.  SSLCertificateKeyFile /Applications/MAMP/conf/apache/SSL/server.key
  7. </VirtualHost>

Restart MAMP and your'e done.

Featured blog picture provided by CarbonNYC