How to set up HTTPS for local testing purposes?

Question

I need to see how a web application will work with HTTPS. But I can't really find much information around about it. I tried to set up my local Apache but I can't find a CA autorithy to sign my certificate... Hints? Suggestions?

Answer 1

http://sial.org/howto/openssl/self-signed/

There's various tutorials around the web. OpenSSL is an excellent free tool for handling certificate creation.

Answer 2

The possibilities to consider are:

1. Generate your own certificate (self-signed certificate)
2. Get a certificate issued by a known issuer
3. Get a certificate issues by an issuer not recognised by the browser

Nr. 1 is probably the most widely used solution. You can find instructions here. The only disadvantage is that browsers will complaint about the unknown CA. In Firefox, you can just add a permanent exception and get rid of the warning. (Internet Explorer does not seem to provide such option, but I'm not fully sure.)

Nr. 2 normally costs money so it's not recommended for dev environments.

Nr. 3 can be obtained for free (see https://www.cacert.org/); they also trigger a browser warning but you have the possibility of adding the CA to your browser's trusted authorities (given that you really trust them!). In general, I would not recommend it.