Zend Server 8 and up
Mac OS X 10.10
This recipe have the basics of enabling the default template of HTTPS which comes with Zend Server. It also refers to self-signed certificates for testing and development if you need such.
Note about missing certificate:
By default, Zend Server included Apache does not have the SSL certificate files in place. HTTP SSL conf expects to find them in /usr/local/zend/apache2/conf/ and if they are missing, you will get this error when starting Apache:
SSLCertificateFile: file '/usr/local/zend/apache2/conf/server.crt' does not exist or is empty
See below how to create self-signed certificates in the above path if needed.
To enable SSL vhost (don't skip step 3):
2. find and uncomment (remove the leading #) the following line:
3. edit /usr/local/zend/apache2/conf/extra/httpd-ssl.conf to suit your SSL needs - see notes below
4. restart Apache using /usr/local/zend/bin/zendctl.sh restart-apache
5. Load https://<hostname> in your browser to test (if the port is 443, otherwise add :<port> to the URL)
Note about Port: If you have port 443 already taken, change the port in '', on all places it appears (search and replace is good here).
Note about SSL vhost in general: You better go over the configuration in /usr/local/zend/apache2/conf/extra/httpd-ssl.conf to verify the site name (_DEFAULT_ by default), ServerName and ServerAdmin are correct, before saving and restarting Apache. Make SURE the VirtualHost directive has NO Hostname, like this:
Note about certificates: if you DO NOT use the default path '/usr/local/zend/apache2/conf/' for placing 'server.crt' and 'server.key', change the appropriate configuration to load SSLCertificateFile, SSLCertificateKeyFile and if used, SSLCertificateChainFile from the correct location.
To create a self-signed certificate on Mac, using the Mac openssl, you can run this command and follow-up with some information to the prompts. Once finished collecting certificate information, the key and crt files will be created, and you need to restart Apache to use the SSL vhost.