How to configure HTTPS/SSL under Apache and OSX

My setup :

  • OSX : 10.8.5
  • Apache :
# httpd -V
Server version: Apache/2.2.26 (Unix)
Server built: Dec 10 2013 22:06:35
Server's Module Magic Number: 20051115:33
Server loaded: APR 1.4.5, APR-Util 1.3.12
Compiled using: APR 1.4.5, APR-Util 1.3.12
Architecture: 64-bit
Server MPM: Prefork
 threaded: no
 forked: yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_FLOCK_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/usr"
 -D SUEXEC_BIN="/usr/bin/suexec"
 -D DEFAULT_PIDLOG="/private/var/run/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="/private/var/run/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="/private/etc/apache2/mime.types"
 -D SERVER_CONFIG_FILE="/private/etc/apache2/httpd.conf"

openssl :

# openssl version
OpenSSL 0.9.8y 5 Feb 2013

Generate a self-signed certificate :

As root :

# cd /etc/apache2
# mkdir ssl
# cd ssl
# openssl req -new -newkey rsa:2048 -nodes \
 -out www_192_168_90_25_xip_io.csr \
 -keyout www_192_168_90_25_xip_io.key \
 -subj "/C=FR/ST=FRANCE/L=PARIS/O=MyProject/OU=The Team/CN=www.192.168.90.25.xip.io"
# ls -l
 total 16
 -rw-r--r-- 1 root wheel 1050 Apr 1 10:15 www_192_168_90_25_xip_io.csr
 -rw-r--r-- 1 root wheel 1675 Apr 1 10:15 www_192_168_90_25_xip_io.key
# openssl x509 -req -days 730 -in www_192_168_90_25_xip_io.csr -signkey www_192_168_90_25_xip_io.key -out www_192_168_90_25_xip_io.crt
 Signature ok
 subject=/C=FR/ST=FRANCE/L=PARIS/O=MyProject/OU=The Team/CN=www.192.168.90.25.xip.io
 Getting Private key
# ls -l
 total 24
 -rw-r--r-- 1 root wheel 1294 Apr 1 10:23 www_192_168_90_25_xip_io.crt
 -rw-r--r-- 1 root wheel 1050 Apr 1 10:15 www_192_168_90_25_xip_io.csr
 -rw-r--r-- 1 root wheel 1675 Apr 1 10:15 www_192_168_90_25_xip_io.key

Configure Apache

In extra/httpd-ssl.conf add the following NameVirtualHost directive :

NameVirtualHost *:443
Listen 443

Also configure your default virtualhost :

<VirtualHost _default_:443>
    DocumentRoot "/Users/charles/Sites"
    ServerName localhost:443
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    SSLCertificateFile "/private/etc/apache2/ssl/www_192_168_90_25_xip_io.crt"
    SSLCertificateKeyFile "/private/etc/apache2/ssl/www_192_168_90_25_xip_io.key"
</VirtualHost>

In httpd.conf enable ssl (by default, it’s commented out) :

Include /private/etc/apache2/extra/httpd-ssl.conf

You can now connect to https://localhost

To set up a new virtualhost, enable ssl in your vhost directive :

<VirtualHost *:443>
    ServerAlias www.192.168.90.25.xip.io
    DocumentRoot "/Users/charles/Sites/project"
    <Directory /Users/charles/Sites/project>
        Options FollowSymLinks Indexes
        AllowOverride All
    </Directory>
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    SSLCertificateFile "/private/etc/apache2/ssl/www_192_168_90_25_xip_io.crt"
    SSLCertificateKeyFile "/private/etc/apache2/ssl/www_192_168_90_25_xip_io.key"
</VirtualHost>
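
An added example, not part of the original post: a small shell audit for three weak points in the setup above on the Apache 2.2 / OpenSSL 0.9.8 versions shown, namely that `SSLProtocol all -SSLv2` leaves SSLv3 enabled, that `HIGH:MEDIUM` admits ciphers below HIGH, and that the `ls -l` output shows the private key readable by everyone. The function names, `ssl.conf`, `site.key` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example. Audits an Apache SSL config for the three weak points
# visible on this page and prints one finding per line.
audit_ssl_conf() {
    conf=$1
    awk '
        { d = tolower($1); v = tolower($0) }
        # "all -SSLv2" still negotiates SSLv3 unless it is removed too
        d == "sslprotocol" && v ~ /[ \t+]all/ && v !~ /-sslv3/ {
            print "line " NR ": SSLProtocol leaves SSLv3 enabled" }
        # a MEDIUM/LOW/EXPORT token that is not negated with ! or -
        d == "sslciphersuite" && v ~ /(^|[ \t:+"])(medium|low|exp)/ {
            print "line " NR ": SSLCipherSuite admits ciphers below HIGH" }
    ' "$conf"
    # Private keys must not be readable by group or other
    awk 'tolower($1) == "sslcertificatekeyfile" { gsub(/"/, "", $2); print $2 }' "$conf" |
    sort -u | while read -r key; do
        if [ ! -f "$key" ]; then echo "key $key: not found"; continue; fi
        mode=$(ls -ld "$key" | cut -c1-10)
        case $mode in
            ????-??-??) ;;   # no read bit for group or other
            *) echo "key $key: readable beyond owner ($mode)" ;;
        esac
    done
}

# Constructed sample: the vhost settings from this page, key path moved to $1.
make_sample() {
    dir=$1
    : > "$dir/site.key"; chmod 644 "$dir/site.key"   # same mode as the ls -l output
    cat > "$dir/ssl.conf" <<EOF
<VirtualHost *:443>
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    SSLCertificateKeyFile "$dir/site.key"
</VirtualHost>
EOF
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_ssl_conf "$tmp/ssl.conf"      # reports all three findings
chmod 600 "$tmp/site.key"
sed -e 's/all -SSLv2/all -SSLv2 -SSLv3/' -e 's/HIGH:MEDIUM/HIGH/' \
    "$tmp/ssl.conf" > "$tmp/fixed.conf"
audit_ssl_conf "$tmp/fixed.conf"    # prints nothing
rm -rf "$tmp"
```

To check the real files, run `audit_ssl_conf /private/etc/apache2/extra/httpd-ssl.conf`. The corrected settings it accepts are `SSLProtocol all -SSLv2 -SSLv3`, a cipher string without `MEDIUM`, and `chmod 600` on the `.key` file.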