Posted on Leave a comment


Settings up a local web host/server on a iMAc is not that hard nowadays, Apple even ships with a built in server, if you want. Those of you that installed MAMP but opted out of MAMP Pro, may find them self in need of a SSL setup for local development. Or just because we can. Now MAMP is not supposed to be able to that. But we have a small/intermediate tutorial for you that just does that. Keep in mind this will be a self signed certificate. So lets get in on, but first things first:

Make a backup of your files!

So now that you have done creating a backup of your files here are the steps involved:

1. Navigate to your home folder

We will need a folder to hold those SSL files we will be generating our self

cd ~

2. Check if you have a ssl folder, if not then create one with

mkdir ssl

3. Then first create a v3.ext file

authorityKeyIdentifier = keyid, issuer
basicConstraints = CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
DNS.1 = localhost

4. Next we create a server.csr.cnf file

default_bits= 2048
prompt= no
default_md= sha256
distinguished_name = dn
C = NL
L = Utrecht
O = End Point
OU = Testing Domain
emailAddress =
CN = localhost

5. Now we need to issue a few commands on the commandline

#From the commandline navigate to ~/ssl folder and execute these commands 
#Make sure you create your server.csr.cnf and your v3.ext files first inside the same folder 

#generate a private key 

#This will ask you for a passphrase(password) do NOT lose this file or the password 
openssl genrsa -des3 -out ~/ssl/rootCA.key 2048 

#root certificate 
openssl req -x509 -new -nodes -key ~/ssl/rootCA.key -sha256 -days 1024 -out ~/ssl/rootCA.pem 

#private key for the certificate (server.key) 
openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config <(cat server.csr.cnf)

openssl x509 -req -in server.csr -CA ~/ssl/rootCA.pem -CAkey ~/ssl/rootCA.key -CA createserial -out server.crt -days 500 -sha256 -extfile v3.ext 

#check what we have done so far 
openssl x509 -text -in server.crt -nooutt 

6. Then we start editing out httpd.conf files


#EDITS FOR httpd.conf

#1. Uncomment these lines
LoadModule ssl_module modules/
Include /Applications/MAMP/conf/extra/httpd-ssl.conf

#2. Change ServerName value
ServerName localhost:443

#EDITS FOR httpd-ssl.conf

#3. Uncomment
Listen 443

#4. Edit VirtualHost opening tag
&amp;amp;amp;amp;amp;lt;VirtualHost *:443&amp;amp;amp;amp;amp;gt;

#5. Inside VirtualHost edit these lines
DocumentRoot "/Applications/MAMP/htdocs"
ServerName localhost:443
SSLEngine on

#6. Add/Uncomment/Edit the two certificate lines
SSLCertificateFile "/Users/YOURUSERNAME/ssl/server.crt"
SSLCertificateKeyFile "/Users/YOURUSERNAME/ssl/server.key"

7. Now we are going to add our public key to the keychain

Drag your .pem file to the window and make sure to set it to always trust

8. Now shutdown MAMP and try to restart.

Most likely this will not work right away.


After some fiddling I came up with the next few things

make sure the DocumentRoot in httpd-ssl.conf is correct

it should read:

DocumentRoot “/Applications/MAMP/htdocs”

in some MAMP configurations the path is wrong and reads:

DocumentRoot “/Applications/MAMP/Library/htdocs”


First time starting with MAMP might fail:

Try starting it with

sudo /Applications/MAMP/Library/bin/apachectl start

After these settings and changes i was able to access my sites on localhost with