Self-Signed SSL Certificates

Problems with the Mac OS X version of XAMPP, questions, comments, and anything related.

Self-Signed SSL Certificates

Postby alfred3x » 17. February 2011 20:47

I created a Certificate Authority and self-signed certificate using this tutorial:

http://hints.macworld.com/article.php?s ... 9143420344

I want to use this to get my PHP app, with two different subdomains, working with HTTPS.

I didn't use the extra/httpd-ssl.conf file, but rather the one proposed in the tutorial. Ran into a problem with the configuration; it threw up this error in the log:

[Thu Feb 17 11:37:30 2011] [emerg] (13)Permission denied: couldn't grab the accept mutex

Found a solution for this at http://bugs.xampp.org/view.php?id=110. Just had to add "AcceptMutex flock" and it started up. Huzzah!

Now, I have 2 (maybe 3) subdomains that need to be covered by the certificate. The cert is issued to *.mm.dev. Because it is self-signed, I got the expected notice in the browser that the cert was not trusted. I said OK I understand and it went on. Sadly, it went on to a 404. :( So I'm thinking the configuration isn't pointing to a proper document root.

w00t! Just tried something and it worked! I copied the VirtualHost content from the httpd-vhost.conf file to the aaa-sssl.conf file, and zowie! So now I have the following:
Code: Select all
<IfModule mod_ssl.c>

AcceptMutex flock

Listen 443
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

<VirtualHost *:443>
    SSLEngine on
    ServerName admin.mm.dev
    ServerAdmin alfred@mm.com
    DocumentRoot "/Users/alfred/Sites/mm/htdocs_portal"
    <Directory "/Users/alfred/Sites/mm/htdocs_portal" >
       AddType application/x-httpd-php .html
       Options Indexes FollowSymLinks ExecCGI
       AllowOverride FileInfo
       Order allow,deny
       Allow from all
    </Directory>
    RewriteEngine On

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /Users/alfred/Documents/certs/mm.dev/newcert.pem
    SSLCertificateKeyFile /Users/alfred/Documents/certs/mm.dev/webserver.nopass.key
    SSLCACertificateFile /Users/alfred/Documents/certs/demoCA/cacert.pem
    SSLCARevocationPath /Users/alfred/Documents/certs/demoCA/crl
</VirtualHost>

<VirtualHost *:443>
    SSLEngine on
    ServerName kitchen.mm.dev
    ServerAdmin alfred@mm.com
    DocumentRoot "/Users/alfred/Sites/mm/htdocs_restowner"
    <Directory "/Users/alfred/Sites/mm/htdocs_restowner" >
       AddType application/x-httpd-php .html
       Options Indexes FollowSymLinks ExecCGI
       AllowOverride FileInfo
       Order allow,deny
       Allow from all
    </Directory>
    RewriteEngine On

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /Users/alfred/Documents/certs/mm.dev/newcert.pem
    SSLCertificateKeyFile /Users/alfred/Documents/certs/mm.dev/webserver.nopass.key
    SSLCACertificateFile /Users/alfred/Documents/certs/demoCA/cacert.pem
    SSLCARevocationPath /Users/alfred/Documents/certs/demoCA/crl
</VirtualHost>

</IfModule>


Still have a problem though: While the server is honoring requests on the second vhost, it does so to the docroot listed in the first vhost. Any help appreciated.
alfred3x
 
Posts: 29
Joined: 10. August 2006 19:00
Location: Toronto, ON, Canada

Re: Self-Signed SSL Certificates

Postby alfred3x » 17. February 2011 20:51

OK, figured it out. Once again, I went to httpd-vhosts.conf and found a difference. At the top I had "NameVirtualHost *:80"; so I did the same for the ssl.conf file but changed the port to 443, and Robert is your mother's brother.

Good luck droogs!
alfred3x
 
Posts: 29
Joined: 10. August 2006 19:00
Location: Toronto, ON, Canada


Return to XAMPP for Mac OS X

Who is online

Users browsing this forum: No registered users and 2 guests