HTTPS and SSL on Localhost Required Now?
Hi, I've recently learned, like others, that the Firefox browser no longer supports plain http requests and automatically diverts to https. I develop websites and have in the past used Apache Virtual Hosts. I want to be able to achieve the same thing, specifically, I want to use the domain name the site will eventually be hosted on, but point to a local directory: localhost/mywebsite newWebsite.com
I'm getting the impression that I will now have to create SSL Certificates for each local site now, so that I can use the https (port 443) protocol. Am I right to assume this, or am I missing something that will make my life easier? I have looked online, but can't find much in the way of answers.
Thanks for reading.
All Replies (3)
So if you run the XAMPP\apache\makecert.bat file and run through the normal rubbish to create the certificates, you can go to the folder C:\XAMPP\apache\conf\ssl.crt double-click it and install the certificate. This sorts the https redirect. You can access localhost/websitename as normal with out having https throw up all over you!!
Now if I could just figure out how to use the virtual hosting properly with this. I created a virtual host and used port 443, as I assume you have to do this. I did try port 80 as well on the off chance! No go!
I have even added to the hosts file as I'm pretty sure the hosts file takes priority over the external request. Correct me if I am wrong.
Are you using the HTTPS-only feature? You can adjust that on the Options/Preferences page:
You can check that here:
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
- Any system: type or paste about:preferences into the address bar and press Enter/Return to load it
In the search box at the top of the page, type https and Firefox should filter the page, bringing the HTTPS-Only Mode section into view.
Otherwise, perhaps you are using a top level domain subject to HSTS (mandatory HTTPS)?
Hi jscher2000,
Thanks for replying. I checked that, and it was disabled. I eventually got it working using the hosts file and the httpd-vhosts.conf file. I also created a certificate with Xampp's makecert.bat file and imported it. After wiping the browsers cache and history, and restarting Apache, all worked very well. I also only need the one certificate to use for all local domains, as the virtual host blocks can all point to the same .crt file.
I know this is bad for live sites as a different name will appear as the trusted source for the additional sites, but for local testing purposes, this was perfectly fine for me.
Wordpress sites are a different matter. These are a nightmare at the best of times!