1. mampsupportmod
  2. MAMP - Official Guides
  3. Monday, 28 January 2019

Let's Encrypt is a free, automated, and open Certificate Authority (CA) brought to you by the non-profit Internet Security Research Group (ISRG). Several MAMP / MAMP Pro users utilize Let's Encrypt SSL certificates for their development and production environments because they are free. Let's Encrypt SSL's expire every 90 days or 3 months, therefore they must be renewed more often than other paid SSL's. However, you can easily automate Let's Encrypt SSL renewals which we will outline below.

 

Install HomeBrew for Let's Encrypt CertBot - Mac OS X

1. In order to create and install Let's Encrypt SSL certificates on Mac OS X with MAMP, we need to utilize CertBot. CertBot allows us to request and renew SSL certificates from Let's Encrypt. To get started, we need to install Homebrew which will allow us to install CertBot. Homebrew is a package manager for Mac OS X.

 

2. The HomeBrew website tells us to use the following command in Terminal to install. Visit the HomeBrew website to confirm you are using the latest command. Type the following command in Terminal:

 

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

mac os x install homebrew

 

3. Hit return to continue installing HomeBrew. You will need to enter your Mac OS X account password. The HomeBrew install will take about 5-10 minutes depending on your Internet speed and whether or not you have command line tools already installed.

 

 

Install CertBot - Mac OS X 

1. In Terminal, type the following command to install CertBot.

 

brew install certbot

 

Note: If you already installed CertBot from a previous install, you can check to upgrade CertBot. Use command 'brew upgrade certbot'.

 

 

Create a Let's Encrypt SSL Certificate Using CertBot

1. We are ready to create SSL certificates. First, identify your website host root directory in MAMP for the website domain you want to create the SSL certificate for. For example, /Users/Applications/MAMP/htdocs/mysite.com. Next, replace your website directory path and domain name with the command below. This generates a www and non-www version SSL for your domain name.

 

sudo certbot certonly --webroot -w /YOUR-USER/Applications/MAMP/htdocs/mysite.com -d mysite.com -d www.mysite.com

 

2. If successful, CertBot will create your first SSL certificates as well as new folders for which future SSL certificates will be stored in.

Note: In order for CertBot to create you an SSL certificate, it must validate your domain name. CertBot will create a well-known hidden folder inside your website root host and pass a temporary challenge acme key. Therefore, you will need to enable MAMP Pro for external access to your website host. In addition, you will need to ensure CertBot can access your website root directory. Sometimes, .htaccess redirects can conflict with this and cause the process to fail.

 

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/mysite.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/mysite.com/privkey.pem
Your cert will expire on XXXX-XX-XX. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"

 

Setup Correct Permissions for CertBot (Let's Encrypt) SSL Certificates - Mac OS X 

1. CertBot created the following directory: /etc/letsencrypt/. You can access it using the Go menu of Mac OS X and typing that path.

 

2. The letsencrypt directory contains your SSL certificate folders. We need to change permissions for the archive and live folders.

 

ssl lets encrypt folders mac os x archive live

 

3. Right-click on the archive and live  folders and open their permissions (Get info -> Sharing & Permissions). Add your Mac OS X user and grant read & write access to each folder. Click Apply to enclosed items...

 

letsencrypt read write permissions folder

 

 

Add Let's Encrypt SSL Certificate to MAMP Pro Host - Mac OS X

1. Now, we'll add our SSL certificates to our MAMP Pro website host. Select your website host in MAMP Pro -> SSL Tab -> Check SSL Box and select your MAMP Pro SSL certificates accordingly to add them to your host. We want to select the SSL Alias' files in the live folder so when we auto-renew our SSL's, we don't have to update the files again in MAMP Pro. Open each SSL certificate file in MAMP Pro accordingly.

 

SSL Live Folder Path: ‎⁨\YOUR-USER\private⁩\etc⁩\⁨letsencrypt⁩\⁨live⁩

 

Do not check Automatically resolve selected alias or symbolic link when clicking 'Choose'.

mamp pro auto resolve alias symbolic link

  

The MAMP Pro Certificate file is: cert.pem

The MAMP Pro Key file is: privkey.pem

The MAMP Pro Certificate Chain file is: chain.pem

 

mamp pro set apache ssl certificate

 

2. Click Save. MAMP Pro will restart services.

 

 

Validate MAMP Pro Let's Encrypt SSL Certificates Installation

1. Let's ensure we correctly installed the SSL certificates in MAMP Pro for our website. Browse to your website using a browser such as Google Chrome to display the SSL certificate. You should see similar language below. 

 

The connection to this site is using a valid, trusted server certificate issued by Let's Encrypt Authority X3.

 

mamp pro ssl certificate valid

 

You can also use an SSL checker service here.

*To get CertBot to automatically check for SSL certificate renewals for your websites each day, follow this post.



Accepted Answer Pending Moderation
1
Votes
Undo

What you mean with "you will need to enable MAMP Pro for external access to your website host"? What I exactly should to do?

  1. more than a month ago
  2. MAMP - Official Guides
  3. # 1
Accepted Answer Pending Moderation
0
Votes
Undo

 

What you mean with "you will need to enable MAMP Pro for external access to your website host"? What I exactly should to do?

You need to allow MAMP out to the Internet...further read here: https://appsolute.zendesk.com/hc/en-us/articles/215197906-I-m-having-problems-setting-up-my-Mac-as-a-live-server-with-MAMP-PRO

 

  1. more than a month ago
  2. MAMP - Official Guides
  3. # 2
Accepted Answer Pending Moderation
0
Votes
Undo

Thanks. That part missing. Now is clear. However, one more question. I actually MUST to have it done permanently to get it on cron, right? So, that is not solution when I want to have localhost 'mirror' of my real online domain, right (or not, please explain if not, what to do)?

  1. more than a month ago
  2. MAMP - Official Guides
  3. # 3
Accepted Answer Pending Moderation
0
Votes
Undo

Yes, you need to use the cron job to check for updates automatically: #6 ---> https://certbot.eff.org/lets-encrypt/osx-other.html

  1. more than a month ago
  2. MAMP - Official Guides
  3. # 4
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!