All geek questions in one place

Obtaining SSL for working with Apache / Passenger on OSX

I use apache / passenger on my development machine, but you need to add SSL support (something that is not displayed through the control panel). I did this before in production, but for some reason I can't get it to work on OSX.

The steps that I have performed so far refer to installing apache osx by default:

  • Set the preferences panel for passengers and passengers.
  • Add my rails application (this works)
  • Create my ca.key, server.crt and server.key as detailed on the Apple website .

At this point, I need to start editing apache configurations, so I added:

# Apache knows to listen on port 443 for ssl requests. Listen 443 Listen 80

I thought that at first I would try to edit the configuration created for pre-setting the passenger so that everything would work when I add:

It starts to look like this

 <VirtualHost *:80> ServerName myapp.local DocumentRoot "/Users/jonnii/programming/ruby/myapp/public" RailsEnv development <Directory "/Users/jonnii/programming/ruby/myapp/public"> Order allow,deny Allow from all </Directory> </VirtualHost>

Then add the following:

 <VirtualHost *:443> ServerName myapp.local DocumentRoot "/Users/jonnii/programming/ruby/myapp/public" RailsEnv development <directory "/Users/jonnii/programming/ruby/myapp/public"> Order allow,deny Allow from all </directory> # SSL Configuration SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire #Self Signed certificates SSLCertificateFile /private/etc/apache2/ssl.key/server.crt SSLCertificateKeyFile /private/etc/apache2/ssl.key/server.key SSLCertificateChainFile /private/etc/apache2/ssl.key/ca.crt SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 </VirtualHost>

The referenced files all exist (I checked this twice), but now when I restart my apache, I can't even get to myapp.local . However, apache can still load the default page when I click on it in the sharing preferences pane.

Any help would be greatly appreciated.

+4
source share
3 answers

I think Apache does not support virtual hosts for SSL. You probably have another SSL virtual host that is used instead. Remove it and it should work.

+2
source

The OS X Apache distribution includes an example configuration file for enabling SSL: see /etc/apache2/extra/httpd-ssl.conf . Just make sure the config is valid for your needs, then find the following line in /etc/apache2/httpd.conf :

 #Include /private/etc/apache2/extra/httpd-ssl.conf

and uncomment it by removing the octotorp.

+2
source

instead of defining two virtual hosts, just define one with a heading:

 <VirtualHost *:443 *:80>
+2
source

Source: https://habr.com/ru/post/1304029/

More articles:


All Articles