How To Set Up a Self-Signed SSL Certificate on MAMP Pro on a MacBook Pro
This article was originally posted on October 29, 2019.
Pretty much all of our clients’ websites use https, and I create local versions of their sites if they are on a WordPress Maintenance Plan.
It took me years to figure out how to do this, but since I did, I’d like to spread the joy and show you how to do it. This tutorial assumes that you are familiar with setting up local sites with MAMP Pro on an Apple computer.
Are you interested in learning about setting up SSH keys on a MacBook Pro?
Create a New Host Using HTTPS
I’m setting up a local WordPress site but this tutorial applies to any type of website (Drupal, Joomla, Static HTML, etc) that will be using https.
To set up your local site on MAMP Pro with https, you will:
- Click the plus button and a new window will slide down.
- Enter the name of your local site. I use an extension that I usually don’t type when browsing the web. In this screenshot, I used a .site extension.
- Pick the directory that you want your local site files to reside in.
- Check the box to generate a self-signed SSL certificate. In this screenshot, I’m creating a WordPress site, but if you’re not creating a WordPress site, don’t check this box.
- Click the Continue button to close the small window.
- Click the Save button to save all of your changes.
Because the self-signed certificate isn’t accepted, you’ll see the following error screen when you try to access your local https site on Chrome.
Self-signed certificates aren’t accepted by browsers by default. To get rid of this warning on Chrome, you will need to change some settings as shown in the screenshot below.
The explanation for the numbers are as follows:
- Go to the SSL tab.
- Check the Enforce TLS protocols and Allow http connections.
- Click the Certificate file icon to bring up the local site’s self-signed certificate directory.
Getting Your Browser to Trust Your Self-Signed Certificate
Next, you’ll open up Apple’s Keychain Access utility by going to Applications -> Utilities -> Keychain Access or you can just type “keychain access” in Spotlight to pull it up. Put your MAMP Pro window next to your Keychain window, so you can drag the certificate file to it like so:
To get your computer to trust your self-signed certificate, you will need to right-click on it in the Keychain Access window. When you do a window like this will pop up.
Click the Get Info option, and you’ll see another window pop up like this.
- Click the arrow right next to Trust, and you’ll see a few more settings appear.
- The only setting you need to change is the one for When using this certificate. Set it to Always Trust.
When you close this window, you’ll be asked to enter your computer’s password to save the settings. Once you do that, your certificate will now be accepted. You can now pull up your local site on Chrome or Safari without the security warning.
Still Getting the Privacy Error on Your Local Site in Chrome?
I’ve encountered a situation where I could pull up my local sites in https with no problem in Safari and Firefox, but I was getting the Privacy Error message on Chrome. In addition to making sure that the Keychain Access settings for your self-signed certificate that you created for your local domain name is set to Always Trust, you need to make sure that the Keychain Access settings for your self-signed root certificate (MAMP_PRO_ROOT_CA in this case) is set to Always Trust as well.
Getting the Privacy Error on Firefox?
To get Firefox to trust MAMP Pro’s self-signed certificate, you’ll need to do the following:
- Go to Settings -> Privacy & Security.
- Scroll down to the Certificates section and click the View Certificates button.
- Click the Import button.
- Go to the folder where MAMP Pro’s root certificate is located (usually it’s is in Applications -> MAMP -> Library -> OpenSSL -> certs) and select it (usually it’s named MAMP_PRO_ROOT_CA.crt).
You can now pull up your local site on Firefox without the security warning.
Thanks to one of our commenters, John, for providing this solution below!
If you feel like this post helped you out, I’d appreciate it if you shared it on your social media accounts. Thanks for reading this tutorial.
Been pulling my hair out trying to figure this out. Your tutorial made it really easy. Thank you for doing this!
I appreciate you letting me know. Thank you!
Thank you very much for these instructions! I’m so glad to finally have this working.
I was able to get Firefox to trust the certificate by following these steps:
1. Navigate to Settings > Privacy & Security and scroll to Certificates (or just use the settings search with the search term “certificates”)
2. Click “View Certificates”
3. Click the Authorities tab
4. Click “Import” below the window of authorities
5. Select MAMP Pro’s root CA file. Mine is named MAMP_PRO_Root_CA.crt and is located at Applications/MAMP/Library/OpenSSL/certs
Firefox now trusts my self signed cert because the MAMP_PRO_Root_CA authority confirms that it’s valid.
Thanks for letting me know how to get Firefox to trust the certificate! I tried it myself, and it worked! I’ll be updating this blog post shortly.