Getting SSL to work with Apache/Passenger on OSX

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by jonnii on Stack Overflow See other posts from Stack Overflow or by jonnii
Published on 2010-03-13T18:45:31Z Indexed on 2010/03/13 18:55 UTC
Read the original article Hit count: 392

Filed under:
|
|
|

I use apache/passenger on my development machine, but need to add SSL support (something which isn't exposed through the control panel). I've done this before in production, but for some reason I can't seem to get it work on OSX.

The steps I've followed so far are from a default apache osx install:

  1. Install passenger and passenger preference pane.
  2. Add my rails app (this works)
  3. Create my ca.key, server.crt and server.key as detailed on the apple website.

At this point I need to start editing the apache configs, so I added:

# Apache knows to listen on port 443 for ssl requests.
Listen 443
Listen 80

I thought I'd try editing the passenger pref pane generated config first to get everything working, when I add:

It starts off looking like this

<VirtualHost *:80>
  ServerName myapp.local
  DocumentRoot "/Users/jonnii/programming/ruby/myapp/public"
  RailsEnv development
  <Directory "/Users/jonnii/programming/ruby/myapp/public">
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

I then append this:

<VirtualHost *:443>
  ServerName myapp.local
  DocumentRoot "/Users/jonnii/programming/ruby/myapp/public"
  RailsEnv development
  <directory "/Users/jonnii/programming/ruby/myapp/public">
    Order allow,deny
    Allow from all
  </directory>

  # SSL Configuration
  SSLEngine on
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
  SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire

  #Self Signed certificates
  SSLCertificateFile /private/etc/apache2/ssl.key/server.crt
  SSLCertificateKeyFile /private/etc/apache2/ssl.key/server.key
  SSLCertificateChainFile /private/etc/apache2/ssl.key/ca.crt

  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

</VirtualHost>

The files referenced all exist (I doubled checked that), but now when I restart my apache I can't even get to myapp.local. However apache can still server the default page when I click on it in the sharing preference panel.

Any help would be greatly appreciated.

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about osx

Related posts about apache

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle