Zero Inverse

This is a re-post of a blog entry from Rocketwerx

You would think this would be really easy, but it turns out that there’s no clear documentation on how to get MAMP Pro to work with SSL. Here’s the steps I went through that allowed me to get this working and even automatically enabled via the MAMP Pro GUI.

Setting it all up

First things first, you have to tell the MAMP Pro that you want the SSL configuration to start up when you start the servers. For this you have to use a little trick my buddy David Lewis told me about. In the GUI, under the Servers tab, hold down Option when you click the Apache tab. This will display a new hidden checkbox called SSL, now you can just enable this checkbox and it will trigger the SSL “If” blocks in the apache config.

Next, you need to switch your MAMP to use the regular HTTP port. By default the port under Server / General is configured with the default port of 8888. This needs to be a port under 1024, eg 80, for MAMP to run under a privileged account so the default SSL port of 443 can properly bind. Once you have these GUI changes made, it’s time to get down and dirty in the terminal.

Fire up your terminal of choice, mine is still iTerm even though the Terminal in leopard is much improved. Now you will need to navigate to MAMP’s apache configuration directory and make a couple of directories for your SSL certificate and key:

Now your going to have to create a temporary testing SSL certificate:

My openssl configuration required me to put in a passphrase during this process, but I didn’t want to have to enter that manually from the terminal everytime, so I removed the passphrase with this command:

The existing MAMP ssl.conf file already points to these files so we are all good there, the last step I had to do was to update my SSL Document Root to point to the site I was testing with SSL. To do that just open up the ssl.conf file:

And then you Edit the DocumentRoot path to point to the location of your site.

That should be it! Just stop and start your servers in the MAMP Pro GUI, and you should be prompted for a username/password. Just enter the data for a priveledged account and your server should start up with both HTTP and HTTPS enabled. Just point your browser to your local mamp install: https://localhost and you should see the default page from your SSL document Root

Possible Issues

The most common problem you are going to have with this procedure is the apache server not starting when you click the start button in the MAMP Pro GUI. There are several reasons this could happen, but the most likely is that you already have something else running that is listening on either port 80 or port 443. If you open up the Console from your Applications / Utilities folder, and look in the Console Messages window you should get a summary of what happened when MAMP tried to start up. An existing application already using a port typically shows up with something along the lines of:

First you should make sure you don’t have Web Sharing enabled in your System Preferences. This enables Leopard’s built in apache which runs on port 80 by default. If you already have that disabled you can track down the application using this port by typing the following command in the terminal:

The port usages will be displayed, and you want to look for the COMMAND that is set to LISTEN on port 80:

In this example the process called httpd is listening on this port already.

UPDATE:

Also, if you are using MAMP, it appears some ROOT CERTIFICATES are not available, causing CURL+PHP+SSL to not work.

Generate your own crt:

1. ) Download: http://www.gknw.net/php/phpscripts/mk-ca-bundle.phps to c:\
2. ) Open cmd and run: c:>php mk-ca-bundle.php
3. ) Output should read: Downloading ‘certdata.txt’ …Done (140 CA certs processed).
4. ) This file should be created: c:\ca-bundle.crt
5. ) Move c:\ca-bundle.crt to php-sdk\src
6. ) In example.php after instantiating the Facebook object,
   add Facebook::$CURL_OPTS[CURLOPT_CAINFO] = ‘path\to\php-sdk\src\ca-bundle.crt’;