Loading...
 
Set up HTTPS on a Mac local server Type of page »  Developers documentation

HTTPS on a Local Mac Server

This page explains how to set up a local development server on a Mac (with Apache installed) to use HTTPS to more closely mimic the environment on a production website. This involves installing a self-signed SSL certificate and ensuring Apache is configured accordingly. These instructions assume that openssl has been installed. Most of this was obtained from this guide.

  1. Configure SSL settings
    Open the SSL configuration file using in Terminal (using the nano editor in these instructions)
    Copy to clipboard
    sudo nano /private/etc/apache2/extra/httpd-ssl.conf
    1. In the <VirtualHost> section, make sure the settings are as follows;
      1. Change <VirtualHost _default_:443> to <VirtualHost *:443>
      2. Make sure the DocumentRoot is correct for your local server
      3. Change the ServerName to localhost:443
      4. Make sure SSLEngine is set to on
    2. Note the certificate file paths
      1. Find the SSLCertificateFile and SSLCertificateKeyFile directives
      2. These lines should be uncommented (i.e., no # at the beginning of the line)
      3. Note the path and files names - these will be used later. You can change the location and file name, just make sure that the paths and names here match the actual files you create later. For these instructions we will use the following:
        SSLCertificateFile "/private/etc/ssl/server.crt"
        SSLCertificateKeyFile "/private/etc/ssl/server.key"
  2. Create configuration files
    1. Create a file named server.csr.cnf
      Copy to clipboard
      sudo nano /private/etc/ssl/server.csr.cnf
    2. Paste the following into server.csr.cnf, changing location and email values as needed, and then save the file
      Copy to clipboard
      [req] default_bits = 2048 prompt = no default_md = sha256 distinguished_name = dn [dn] C=US ST=New York L=Rochester O=End Point OU=Testing Domain emailAddress=your-administrative-address@your-awesome-existing-domain.com CN = localhost
    3. Create a file named v3.ext
      Copy to clipboard
      sudo nano /private/etc/ssl/v3.ext
    4. Paste the following into v3.ext, and then save the file
      Copy to clipboard
      authorityKeyIdentifier=keyid,issuer basicConstraints=CA:FALSE keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment subjectAltName = @alt_names [alt_names] DNS.1 = localhost
  3. Generate certificates and keys
    Navigate to /private/etc/ssl/ and then perform the following
    1. Generate an RSA private key
      Copy to clipboard
      sudo openssl genrsa -des3 -out /private/etc/ssl/rootCA.key 2048
      1. You will be asked for a password and a few other questions
    2. Generate the root certificate which will be valid for 1024 days
      Copy to clipboard
      sudo openssl req -x509 -new -nodes -key /private/etc/ssl/rootCA.key -sha256 -days 1024 -out /private/etc/ssl/rootCA.pem
    3. Create the private key for the certificate
      Copy to clipboard
      sudo openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config server.csr.cnf
    4. Generate the certificate
      Copy to clipboard
      sudo openssl x509 -req -in server.csr -CA /private/etc/ssl/rootCA.pem -CAkey /private/etc/ssl/rootCA.key -CAcreateserial -out server.crt -days 500 -sha256 -extfile v3.ext
    5. To verify the certificate has the SAN (needed to work in some browsers)
      Copy to clipboard
      openssl x509 -text -in server.crt -noout
      • The output should contain this line:
        Copy to clipboard
        X509v3 Subject Alternative Name: DNS:localhost
  4. Set Apache configurations
    1. Make sure the and ssl_module and socache_shmcb_module are loaded in the Apache Configuration file at /usr/local/etc/httpd/httpd.conf by uncommenting the following lines:
      LoadModule ssl_module lib/httpd/modules/mod_ssl.so
      LoadModule socache_shmcb_module lib/httpd/modules/mod_socache_shmcb.so
      Note: there are different types of socache modules - uncomment the one that matches the uncommented module used in the /private/etc/apache2/extra/httpd-ssl.conf file you edited at the beginning of these instructions
    2. Restart Apache
      Copy to clipboard
      sudo apachectl restart
  5. Go to https://localhost/ and see if it works!

Keywords

The following is a list of keywords that should serve as hubs for navigation within the Tiki development and should correspond to documentation keywords.

Each feature in Tiki has a wiki page which regroups all the bugs, requests for enhancements, etc. It is somewhat a form of wiki-based project management. You can also express your interest in a feature by adding it to your profile. You can also try out the Dynamic filter.

Accessibility (WAI & 508)
Accounting
Administration
Ajax
Articles & Submissions
Backlinks
Banner
Batch
BigBlueButton audio/video/chat/screensharing
Blog
Bookmark
Browser Compatibility
Calendar
Category
Chat
Comment
Communication Center
Consistency
Contacts Address book
Contact us
Content template
Contribution
Cookie
Copyright
Credits
Custom Home (and Group Home Page)
Database MySQL - MyISAM
Database MySQL - InnoDB
Date and Time
Debugger Console
Diagram
Directory (of hyperlinks)
Documentation link from Tiki to doc.tiki.org (Help System)
Docs
DogFood
Draw -superseded by Diagram
Dynamic Content
Preferences
Dynamic Variable
External Authentication
FAQ
Featured links
Feeds (RSS)
File Gallery
Forum
Friendship Network (Community)
Gantt
Group
Groupmail
Help
History
Hotword
HTML Page
i18n (Multilingual, l10n, Babelfish)
Image Gallery
Import-Export
Install
Integrator
Interoperability
Inter-User Messages
InterTiki
jQuery
Kaltura video management
Kanban
Karma
Live Support
Logs (system & action)
Lost edit protection
Mail-in
Map
Menu
Meta Tag
Missing features
Visual Mapping
Mobile
Mods
Modules
MultiTiki
MyTiki
Newsletter
Notepad
OS independence (Non-Linux, Windows/IIS, Mac, BSD)
Organic Groups (Self-managed Teams)
Packages
Payment
PDF
Performance Speed / Load / Compression / Cache
Permission
Poll
Profiles
Quiz
Rating
Realname
Report
Revision Approval
Scheduler
Score
Search engine optimization (SEO)
Search
Security
Semantic links
Share
Shopping Cart
Shoutbox
Site Identity
Slideshow
Smarty Template
Social Networking
Spam protection (Anti-bot CATPCHA)
Spellcheck
Spreadsheet
Staging and Approval
Stats
Survey
Syntax Highlighter (Codemirror)
Tablesorter
Tags
Task
Tell a Friend
Terms and Conditions
Theme
TikiTests
Federated Timesheets
Token Access
Toolbar (Quicktags)
Tours
Trackers
TRIM
User Administration
User Files
User Menu
Watch
Webmail and Groupmail
WebServices
Wiki History, page rename, etc
Wiki plugins extends basic syntax
Wiki syntax text area, parser, etc
Wiki structure (book and table of content)
Workspace and perspectives
WYSIWTSN
WYSIWYCA
WYSIWYG
XMLRPC
XMPP




Useful Tools