I am currently doing local development on a webproject using a LAMP stack. Since my production application will be using https for login, I'd like to be able to mimic this in my local dev environment so that all the url's remain consistent. I am new to ssl certificates so could anyone please point me to some reference on how to do this? Would I need to sign my own certificate? Where do I put the certificate (I have virtualhost configurations using apache)? Thanks.
A:
You can use Java's keystore to generate a self-signed certificate for local development.
duffymo
2009-07-30 00:31:39
+1
A:
Hello, I'm new here but go to this site and the information there
bschuster
2009-07-30 00:32:49
Yup, this is the walkthrough I used to create a self-signed when I was setting up SSL
John Pirie
2009-07-30 11:37:03
A:
You are best off making a self signed certificate and adding it to whatever machine you use for testing. It should then appear "real" to the client... of course, it is real... just not by a "trusted" place. (quote marks because I swear it is all about money!)
I just found this page that should step you through it
Wil
2009-07-30 00:32:54
I agree with your quotes: the cert verifies that your traffic isn't going to be intercepted - which is the primary thing the vast majority of users care about. By conflating it with "and this is really XYZ's web site" and convincing the buying public that it isn't "secure" unless it is from a "trusted source", the people at Verisign and the major browser makers have set up an easy profit opportunity. The latest racket is "Extended Validation" SSLs - it just breathes greed in and exhales dishonesty out.
Mark Brittingham
2009-07-30 00:37:48
A:
My favorite is Ralf's documentation for apache modssl. This page explains how to make a test cert. It's the one I always go to when I need to make one.
lumpynose
2009-07-30 00:36:50
A:
Obviously since you're using Java and Apache this isn't going to be much good but anyhow, if you also do any .Net development you'll have these tools available and maybe this can help you on your way and actually generate the certificate. I use makecert which is available in the .Net SDK, here's the batch file I use for creating my own SSL certificates for local .Net development and IIS;
@ECHO OFF
REM
REM This script will create a certificate to enable HTTPS for the localhost in IIS
REM Complete the following steps to install the certificate
REM
REM 1. Run this file to create the certificate
REM 2. Open MMC.exe
REM 3. Click File > Add/Remove Snap In > Add and select 'Certificates'
REM 4. Select 'Computer Account'
REM 5. Select 'Local Computer' and click 'Finish', 'Close', 'OK'
REM 6. Expand Certificates > Personal > Certificates, the new certificate should be listed
REM 7. In IIS open the Properties of the Default Web Site
REM 8. Select 'Directory Security' tab and click 'Server Certificate'
REM 9. The Certificate Wizard will open, choose 'Assign Existing Certificate' [may need to cancel a pending certificate request]
REM 10. Select new certificate from list and accept change
REM 11. Ensure that the site is using the default port for SSL 443
REM
C:
CD \
CALL "C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\sdkvars.bat"
ECHO Creating Certificate
makecert -r -pe -n "CN=localhost" -b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
PAUSE
Change the "CN=localhost" if you use another host header to acces the site, you'll maybe need to change the path in the CALL statement depending on which version of Visual Studio you have.
Dave Anderson
2009-07-30 11:32:24