Today I’ll explain how to setup testing environment with https protocol on Ubuntu. It should take around 10-15 minutes to do it manually. I assume you have installed LAMPP on your development PC.
First thing first. We’ll need an SSL certificate to even begin. So I’ll explain how to create self-signed SSL certificate. There are even free trusted SSL certificates out there, but i haven’t tried them. 😀 You can look it up here: http://www.cacert.org and http://cert.startcom.org. But lets go back on topic of creating it by ourselves.
Open up the Console, and type in the following:
- openssl genrsa -aes256 -out pass.key 2048
it will ask you for password, so you should provide one
- openssl rsa -in pass.key -out oursite.key
it will ask you for the password you entered for initial key generation, and if everything goes well, it will generate the key
- openssl req -new -x509 -nodes -sha1 -key oursite.key -out oursite.crt -days 999 -config /opt/lampp/share/openssl/openssl.cnf
note that this is the part where we create our actual certificate (oursite.crt), and also, change the last part according to your LAMPP installation. Also, this part will ask you for some information about the certificate itself.
Note: also, you can insert a dot to leave the field empty.
Next part will be the about actual setup.So we need to navigate to /opt/lampp/etc and copy our key (oursite.key) and crt files (oursite.crt) to according folders (ssl.key and ssl.crt).
After that navigate to /opt/lampp/etc/extra and edit the “httpd-ssl.conf” file. Insert this fragment at the end of the file:
DocumentRoot /oursite/project/root/directory
ServerName oursite:443
ServerAdmin you@oursite
ErrorLog /opt/lampp/logs/error_log
TransferLog /opt/lampp/logs/access_log
SetEnv APPLICATION_ENV development
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /opt/lampp/etc/ssl.crt/oursite.crt
SSLCertificateKeyFile /opt/lampp/etc/ssl.key/oursite.key
<filesmatch ".(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
<directory "/oursite/project/root/directory">
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
BrowserMatch ".*MSIE.*"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog /opt/lampp/logs/ssl_request_log
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"
This part is pretty much self-explained, so please edit it for your specific case. Now, you should navigate to httpd.conf file (/opt/lampp/etc directory in my case), and see if this line is commented “#Include conf/extra/httpd-ssl.conf”. If it is, uncomment it.
Only thing left to do is to navigate to hosts file (/etc/hosts) and add a line at the end as follows:
127.0.0.1 oursiteSave everything if you still haven’t and restart apache.
Open up your favourite web broser and enter our new url: https://oursite
After confirming the certificate, everything is done. I hope I’ve learned you something new today. 😉
