Home/ Questions/Q 3681352
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-19T03:40:49+00:00

I have a Mac OS with Snow Leopard v10.6.5 and I am developing a

  • 0

I have a Mac OS with “Snow Leopard” v10.6.5 and I am developing a Ruby on Rails 3 application using Passenger Preference Pane v 1.3.

To continue to develop my application I need a SSL support, but I have a similar problem.

The steps I’ve followed are from a default apache osx install:

  1. Install Passenger and Passenger Preference Pane.
  2. Add my Ruby on Rails application (that works)
  3. Create my ca.key, server.crt and server.key as detailed on the Apple website

… but during the third step I had to stop for the following reasons happened on editing the /private/etc/apache2/httpd.conf file (see the Apple website for more info):

1.
Port 80 should be changed to #Port 80.

I have not found “Port 80”, but I think this is not a problem because even if it is present in the code, it has been commented out.

2.
You will need to add the following just below where the Port directive was:

< IfModule mod_ssl.c>
    Listen 443
    Listen 80
< /IfModule>

If I add these lines of code and restart apache2, my application no longer works.

3.
[...] The two lines should now look like this:

LoadModule ssl_module libexec/httpd/libssl.so

AddModule mod_ssl.c

Since the code ‘AddModule mod_ssl.c’ does not exist (LoadModule is ready for use), I tried to add it and restart apache2, but my application no longer works.

4.
Now find the “ServerName” directive and make sure it has 127.0.0.1 for it’s entry.

ServerName 127.0.0.1

I do not know if I have to enter it, since I use Passenger. However, in the file I found the line of code (already commented) ‘#ServerName http://www.example.com:80’.

Regarding the code for Passenger for the SSL certificates, I suppose that it must be the same as the problem reported above.

I think that this is due to the fact that the guide was written a long time ago. So, what should I do to use SSL with apache2?

Just to be clear, I also include the code related to Passenger Preference Pane…

…/private/etc/apache2/httpd.conf

   LoadModule passenger_module /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.2/ext/apache2/mod_passenger.so
   PassengerRoot /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.2
   PassengerRuby /usr/local/bin/ruby

# Added by the Passenger preference pane
# Make sure to include the Passenger configuration (the LoadModule,
# PassengerRoot, and PassengerRuby directives) before this section.
<IfModule passenger_module>
  NameVirtualHost *:80
  <VirtualHost *:80>
    ServerName _default_
  </VirtualHost>
  Include /private/etc/apache2/passenger_pane_vhosts/*.conf
</IfModule>

…/private/etc/apache2/passenger_pane_vhosts/subdomain.domain.com.vhost.conf

<VirtualHost *:443>

  ServerName subdomain.domain.com
  DocumentRoot "/Users/<my_user_name>/Sites/subdomain/public"
  RackEnv development
  <Directory "/Users/<my_user_name>/Sites/subdomain/public">
    Order allow,deny
    Allow from all
  </Directory>

  # SSL Configuration
  SSLEngine on
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
  SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire

  #Self Signed certificates
  SSLCertificateFile /private/etc/apache2/ssl/server.crt
  SSLCertificateKeyFile /private/etc/apache2/ssl/server.key
  SSLCertificateChainFile /private/etc/apache2/ssl/ca.crt

  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

</VirtualHost>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I just hit the same issue and this is what I did to get it working.

    Follow your same steps to generate the keys (also further on it mentions removing the passphrase. I had to do this for things to work).

    Next, I did the following to enable SSL on Apache:

    In the “/private/etc/apache2/httpd.conf” file on my Snow Leopard there was a line:

    # Include /private/etc/apache2/extra/httpd-manual.conf

    I just removed the # and saved the file.

    Next edit the file (/private/etc/apache2/extra/httpd-manual.conf) and make sure 

    SSLCertificateFile
SSLCertificateKeyFile

    point to the correct key files that you created.

    Next there is an entry in the same file (/private/etc/apache2/extra/httpd-manual.conf) that begins:

    <VirtualHost _default_:443>

    I had to comment out that file and everything after it (or you could just delete it) up to the 

    </VirtualHost>

    entry. That entry conflicted with my site.

    The Virtual host entry you had looks correct, but for completeness I will add mine here.

    I just modified the original Vhost file that was created by Passenger PrefsPane for my site:

    <VirtualHost *:443 *:80>
  ServerName mysite.local
  DocumentRoot "/Users/username/mysite/public"
  RackEnv development
  <Directory "/Users/username/mysite/public">
    Order allow,deny
    Allow from all
  </Directory>
  SSLEngine on
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire
  SSLCertificateFile /etc/apache2/sslkey/server.crt
  SSLCertificateKeyFile /etc/apache2/sslkey/server.key
  SSLCertificateChainFile /etc/apache2/sslkey/ca.crt
  SetEnvIf User-Agent &quot;.*MSIE.*&quot; nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>

    Next restart Apache and you should be good to go. 🙂

    • 0