Applies to:

Zend Server 8 and up
Mac OS X 10.10

Summary

This recipe covers the basics of enabling the default HTTPS template that comes with Zend Server. It also covers self-signed certificates for testing and development, if you need them.

Instructions

Note about missing certificate:

By default, the Apache bundled with Zend Server does not have the SSL certificate files in place. The Apache SSL configuration expects to find them in /usr/local/zend/apache2/conf/, and if they are missing you will get this error when starting Apache:
SSLCertificateFile: file '/usr/local/zend/apache2/conf/server.crt' does not exist or is empty

See below how to create self-signed certificates in the above path if needed.


To enable SSL vhost (don't skip step 3):

1. edit /usr/local/zend/apache2/conf/httpd.conf
2. find and uncomment (remove the leading #) the following line:

#Include conf/extra/httpd-ssl.conf

3. edit /usr/local/zend/apache2/conf/extra/httpd-ssl.conf to suit your SSL needs - see notes below
4. restart Apache using /usr/local/zend/bin/zendctl.sh restart-apache

5. Load https://<hostname> in your browser to test (if the port is 443, otherwise add :<port> to the URL)

Notes


Note about Port: If port 443 is already taken, change the port in '', in every place it appears (search and replace works well here).

Note about SSL vhost in general: Review the configuration in /usr/local/zend/apache2/conf/extra/httpd-ssl.conf and verify that the site name (_DEFAULT_ by default), ServerName and ServerAdmin are correct before saving and restarting Apache. Make sure the VirtualHost directive has NO hostname, like this:
<VirtualHost *:443>

Note about certificates: if you DO NOT use the default path '/usr/local/zend/apache2/conf/' for placing 'server.crt' and 'server.key', change the appropriate configuration to load SSLCertificateFile, SSLCertificateKeyFile and if used, SSLCertificateChainFile from the correct location.

Self-Signed test certificates

To create a self-signed certificate on Mac, using the Mac openssl, run the command below and answer the prompts for the certificate information. When it finishes, the key and crt files are created, and you need to restart Apache to use the SSL vhost.

$ sudo /usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /usr/local/zend/apache2/conf/server.key -out /usr/local/zend/apache2/conf/server.crt
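
A pre-flight check to run before restarting Apache, added here as an example and not part of the original recipe or of Zend Server. It verifies the Include line from step 2 and the certificate files named in httpd-ssl.conf, and because the command above uses -nodes (the key is written without a passphrase) it also flags a world-readable key. The function name preflight_ssl is hypothetical, and certificate paths are assumed to be absolute and free of spaces.

```shell
#!/bin/sh
# Added example. Source this file, then run: preflight_ssl [conf_dir]
# Assumes certificate paths in httpd-ssl.conf are absolute and contain no spaces.

# Prints each finding and returns the number of problems found (0 = OK).
preflight_ssl() {
    conf_dir=${1:-/usr/local/zend/apache2/conf}   # default path from this page
    ssl_conf="$conf_dir/extra/httpd-ssl.conf"
    problems=0

    # Step 2: the Include line must be present and no longer commented out.
    if ! grep -Eq '^[[:space:]]*Include[[:space:]]+conf/extra/httpd-ssl\.conf' \
            "$conf_dir/httpd.conf" 2>/dev/null; then
        echo "FAIL: Include conf/extra/httpd-ssl.conf is missing or commented out"
        problems=$((problems + 1))
    fi
    if [ ! -r "$ssl_conf" ]; then
        echo "FAIL: cannot read $ssl_conf"
        return $((problems + 1))
    fi

    # Each certificate file named by an active directive must exist and be
    # non-empty, otherwise Apache refuses to start with the error shown above.
    for directive in SSLCertificateFile SSLCertificateKeyFile SSLCertificateChainFile; do
        path=$(awk -v d="$directive" \
            '$1 == d { gsub(/"/, "", $2); print $2; exit }' "$ssl_conf" || true)
        [ -n "$path" ] || continue            # directive unset or commented out
        if [ ! -s "$path" ]; then
            echo "FAIL: $directive: file '$path' does not exist or is empty"
            problems=$((problems + 1))
        elif [ "$directive" = SSLCertificateKeyFile ] &&
             [ -n "$(find -L "$path" -perm -004)" ]; then
            # A key created with -nodes has no passphrase, so file
            # permissions are its only protection.
            echo "WARN: private key '$path' is world-readable (chmod 600 it)"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}
```

Run it with sudo if the key is readable only by root, and restart Apache only when it returns 0.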