Tag: OS X

Configuring SSL for Apache on OS X Lion using MAMP

Configuring SSL for Apache on OS X Lion using MAMP

After self-signing an SSL certificate for development purposes the Web server needs to be configured appropriately. I found the posting by Dave Kiss to be the best one. Following are the required steps if you used the default MAMP settings:

  1. Backup your configuration files:
    1. Open a terminal window.
    2. Go to the Apache configuration folder:
      cd /Applications/MAMP/conf/apache
    3. Backup the Apache configuration file:
      cp httpd.conf httpd.conf.bak
    4. Backup the SSL configuration file:
      cp extra/httpd-ssl.conf extra/httpd-ssl.conf.bak
  2. Update the Apache configuration file:
    1. Open the configuration file using an editor of your choice:
      nano httpd.conf
    2. Search for the line containing httpd-ssl.conf:
      Press Ctrl-W then type httpd-ssl.conf
    3. Uncomment the line by removing the # from the beginning such that it reads:
      Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
    4. Save and exit:
      Press Ctrl-X the Y
  3. Copy the server.key and server.crt file to your Apache configuration folder.
  4. Start the servers through the MAMP interface.
  5. Navigate to your site through a browser using https:
    https://localhost
Accept self-signed certificate

N.B. If the apache server fails to start then you have an error in your configuration, make sure you replace the DocumentRoot in your SSL configuration file to match your actual root folder.

N.B. Dave’s post also contains steps to configure Virtual Hosts which I left out for a different posting to be less confusing.

N.B. Dave’s post using git to backup the files, in this post I simply make a copy of the configuration file, if you want to restore the backup simply type: cp httpd.conf.bak httpd.conf or any other file you want to restore.

Configuring MySQL Workbench with MAMP on Mac OS X Lion

Configuring MySQL Workbench with MAMP on Mac OS X Lion

Installing MAMP on Mac OS X Lion is surely an easy way of getting Apache, PHP and MySQL working on your system. If you plan on using MySQL Workbench you will need to do some additional steps.

  1. Create the missing my.cnf file.
    1. Open a terminal window.
    2. Create the file by typing:
      sudo touch /etc/my.cnf
    3. Change the owner of the file to your username:
      sudo chown fraki /etc/my.cnf
  2. Create a new server instance and shown in my previous post: MAMP, MySQL Workbench and WordPress setup guide
  3. Edit the server instance settings as follows:
    1. Set the MySQL Server start command to:
      /Applications/MAMP/bin/startMysql.sh
    2. Set the MySQL Server stop command to:
      /Applications/MAMP/bin/startMysql.sh
    3. Set the MySQL Server status command to:
      ps xa | grep “/Applications/MAMP/Library/bin/[m]ysqld”
Configuring MySQL Workbench on OS X Lion with MAMP

Keep checking through the guide for additional configuration.

Self-Signed SSL Certificate

Self-Signed SSL Certificate

If you are planning on developing or customizing some web systems such as WordPress or Magento, then at one point you will need some security. You might want to sign the SSL certificate yourself. A number of guides exists for this, for Windows Systems I found the one by Shivprasad Koirala to be very intuitive and for Unix systems the one by Heroku and Scott Baker are best. Here are the steps required:

  1. Check that openssl is installed by running the following command in a terminal:
    which openssl
     
  2. If no such file is found then you need to install. Here are the possible installation methods
    1. Mac OSX – Via Homebrew: homebrew install openssl
    2. Windows – Download software package.
    3. Linux (Debian/Ubuntu Variants) – Guide – sudo apt-get install openssl
    4. Linux (RedHat Variants) – Guide – yum install openssl

     

  3. Generate the keys for the Certificate Authority
    openssl genrsa -des3 -out ca.key 4096
    openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
     
  4. Generate the private key for your server
    openssl genrsa -des3 -out server.key 4096
     
  5. Create the certificate signing request to be signed (leave challenge password and organization name empty)
    openssl req -new -key server.key -out server.csr
     
  6. Sign your certificate
    openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
     
  7. Optionally remove the password
     openssl rsa -in server.key -out server.key.nopass

For some documentation about how to use openssl check the official site.

Theme: Overlay by Kaira