10/19/13

HTTPS on localhost

There is a quick tip !!

Sometimes we need to set up SSL on our localhost AKA development environment it can be done with self signed SSL certificate  here a quick guide to setup it on localhost

 tadaaaaa (you can google (or stackoverflow) it if you want but I make it easy)

I'm using Ubuntu Amp Stack (Apache2)

if you don't have it you can start by installing  Apache2
you need root access so I don't like to type sudo every time
so open up terminal

$ sudo -i

enter your password

# apt-get install apache2


once apache is installed you can enable the SSL module 

# a2enmod ssl


and restart the apache

# service apache2 restart

now we are halfway done Now we need a  SSL certificate   you can buy a one from a vendor or signed a one for yourself

lets go with  self signed SSL certificate  
first we need a place to store it (i'm using to store them inside apache2 config )

# mkdir /etc/apache2/ssl 


now we going to create a certificate that valid for one year (365 days)  you can change the valid period by -days argument

 # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

it will show something like this

You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. 
----- Country Name (2 letter code) [AU]:
yeh its LK bitch
State or Province Name (full name) [Some-State]:
Atakalmpanna
Locality Name (eg, city) []:
ATK
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Pawul Sansthawa 
Unit Name (eg, section) []:
ane manda
Common Name (e.g. server FQDN or YOUR name) []:
127.0.0.1
Email Address []:
aaah@omg.com
ok you can enter any funny thing but Common Name (e.g. server FQDN or YOUR name) []: should be 127.0.0.1

open up the SSL config file

# nano /etc/apache2/sites-available/default

(seriously  nano progamers use vim noh)

append this things to the file  look for tags and other stuff

<VirtualHost *:443>
  ServerAdmin webmaster@localhost
  ServerName 127.0.0.1:443
  DocumentRoot /var/www
  <Directory />
    Options FollowSymLinks
    AllowOverride None
  </Directory>
  <Directory /var/www/>
    Options Indexes FollowSymLinks Multiviews
    AllowOverride None
    Order allow,deny
    allow from all
  </Directory>
  SSLEngine on
  SSLCertificateFile /etc/apache2/ssl/apache.crt
  SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>

 save and exit the file

reload the host file with following command (we do not care about warnings right )

# a2ensite default

now reload the apache 

# service apache2 reload

we are done done !

open your browser and go to

https://127.0.0.1

tadaaaaa let accept the new certificate and work with https stuff

1 comments:

චතුර බුද්ධික said...

මචන් අර oop සිංහල ටියුටෝරියල් එක continue කරපංකෝ...

Post a Comment