I use apache/passenger on my development machine, but need to add SSL support (something which isn't exposed through the control panel). I've done this before in production, but for some reason I can't seem to get it work on OSX.
The steps I've followed so far are from a default apache osx install:
- Install passenger and passenger preference pane.
- Add my rails app (this works)
- Create my ca.key, server.crt and server.key as detailed on the apple website.
At this point I need to start editing the apache configs, so I added:
# Apache knows to listen on port 443 for ssl requests.
Listen 443
Listen 80
I thought I'd try editing the passenger pref pane generated config first to get everything working, when I add:
It starts off looking like this
<VirtualHost *:80>
ServerName myapp.local
DocumentRoot "/Users/jonnii/programming/ruby/myapp/public"
RailsEnv development
<Directory "/Users/jonnii/programming/ruby/myapp/public">
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
I then append this:
<VirtualHost *:443>
ServerName myapp.local
DocumentRoot "/Users/jonnii/programming/ruby/myapp/public"
RailsEnv development
<directory "/Users/jonnii/programming/ruby/myapp/public">
Order allow,deny
Allow from all
</directory>
# SSL Configuration
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire
#Self Signed certificates
SSLCertificateFile /private/etc/apache2/ssl.key/server.crt
SSLCertificateKeyFile /private/etc/apache2/ssl.key/server.key
SSLCertificateChainFile /private/etc/apache2/ssl.key/ca.crt
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
The files referenced all exist (I doubled checked that), but now when I restart my apache I can't even get to myapp.local
. However apache can still server the default page when I click on it in the sharing preference panel.
Any help would be greatly appreciated.