Use SSL on Laravel Homestead

Question

I'm using Laravel Homestead and it is working fine. Now I want to implement HTTPS on one of my sites.

I found that to achieve that you just need to add ssl: true into Homestead.yaml and then run vagrant reload --provision.

I can see it working when I run above command which shows:

==> homestead-7: Running provisioner: shell...
    homestead-7: Running: script: Creating Certificate: laravel-cashier.local
==> homestead-7: Running provisioner: shell...
    homestead-7: Running: script: Creating Site: laravel-cashier.local

And in /etc/nginx/ssl, I can see these 3 files are created:

-rw-r--r-- 1 root root  683 Jul 19 16:26 laravel-cashier.local.cnf
-rw-r--r-- 1 root root 1269 Jul 19 16:26 laravel-cashier.local.crt
-rw-r--r-- 1 root root 1704 Jul 19 16:26 laravel-cashier.local.key

But what next?

When I'm trying to run the site with https:

Do I need to do any other steps?

Note: I'm using latest Homestead version 2.1.0.

I have already seen many posts, but I think they are too old and doesn't provide exact steps to achieve the result:

https://laracasts.com/discuss/channels/tips/tip-how-to-enable-ssl-in-homestead-20

https://laracasts.com/discuss/channels/servers/homestead-ssl

Laravel Homestead - SSL set up

Can you add some details about what is not secure, If you click where it says Not Secure in the address bar you should be able to see exactly what the browser does not like about the situation. Since the site actually displays I would guess that it is not an SSL issue but it probably does not like your self generated certificate. — Chris Baldwin, Jul 23 '17 at 09:06
Did you ever get local dev SSL working in Chrome? I can't get @fquinto's answer to work. — Ryan, Feb 24 '18 at 22:05
Hi ParthVora. I've spent many hours over many weeks still trying to get SSL working in Chrome for my local site. Did you ever get local dev SSL working in Chrome? I can't get @fquinto's answer to work. Thanks. — Ryan, Mar 31 '18 at 03:36
I've added a big bounty to my question about getting Chrome or Firefox to accept a local certificate: https://stackoverflow.com/q/48969083/470749 — Ryan, Mar 31 '18 at 23:03

score 15 · Answer 1 · answered Dec 11 '17 at 14:31

15

I assume you are using Windows + Vagrant machine with Homestead.
In this case laravel-cashier.local is your web application.

You need to copy the certificate inside Vagrant, in Nginx to external folder:

$ sudo cp /etc/nginx/ssl/laravel-cashier.local.crt ~/laravel-cashier/laravel-cashier.local.crt

In Windows environment you can install this certificate with double-click and select the next specific storage:

Trusted Root Certification Authorities

Restart your browser. Done.

More info about how to add certificate: https://technet.microsoft.com/en-us/library/cc754841(v=ws.11).aspx#BKMK_addlocal

NOTE: This is valid for specific browser: Google Chrome

answered Dec 11 '17 at 14:31

fquinto

527
7
12

2

This just saved my life – Kerry Jones Dec 16 '17 at 04:39
What worked for me was https://mypcname.local:44300/ as mentioned here: https://laracasts.com/discuss/channels/servers/homestead-ssl/replies/308399 I didn't know that specifying the port (44300) would be important. My hosts file has `192.168.10.10 mypcname.local`. – Ryan Feb 08 '18 at 23:38
This still hasn't worked for me. The steps seem reasonable, but I've tried them many times, and still my local site says "Not secure" even though it's served via https (via the 44300 port of Homestead). – Ryan Feb 23 '18 at 00:26
I've added a big bounty to my question about getting Chrome or Firefox to accept a local certificate: https://stackoverflow.com/q/48969083/470749 – Ryan Mar 31 '18 at 23:03
2

What worked for me was to copy the root certificate when following these steps - ca.homestead.homestead.crt – Tim Ramsey Apr 18 '18 at 20:35
@TimRamsey I want to thank you graciously. Your simple comment has just brought to an end about 8 hours of utter frustration. This was the most ridiculous problem I've encountered using Windows for web development in quite some time. I still have no clue why the individual site certificates are being rejected. Madness. Anyway, thank you again. – Inigo Oct 12 '18 at 17:33
2

Worked for me only after I imported both certificates: `/etc/nginx/ssl/ca.homestead.homestead.crt` as well as `/etc/nginx/ssl/mypage.test.crt` – Alexander Taubenkorb Apr 10 '19 at 11:12
@AlexanderTaubenkorb and Tim Ramsey - many thanks! Copying both certificates worked for me too. – w5m Aug 12 '19 at 14:08
Actually, it seems that all of my homestead apps now work nicely via https, even though I've not added a project-specific certificate for each app. I'd therefore conclude that it is only necessary to add the ca.homestead.homestead.crt certificate and not any project-specific ones. – w5m Aug 12 '19 at 14:58
FYI - homestead from my experience isn't good about replacing expired certifications, so you may need run `sudo rm /etc/nginx/ssl/certinquestion.crt` and `vagrant reload --provision` if you run into a expired certificate – Tim Ramsey Jun 25 '20 at 18:11
`/etc/nginx` exists, however contains no `/ssl` folder =( – Kalnode Oct 04 '21 at 19:45

Yevgeniy Afanasyev · Answer 2 · 2020-01-07T23:53:34.967

3

This is only a year old question but it feels like it is a really old one.

Fist - with a version 6.1.0 of 'laravel/homestead" vagrant box you don't need any ssl: true, it is active by default, however your browser would not know if it can trust the ssl certificate anyway.

The browser trust is a different issue to laravel and homestead, please see this answer to solve it.

edited Jan 07 '20 at 23:53

answered Sep 14 '18 at 02:50

Yevgeniy Afanasyev

37,872
26
173
191

score 1 · Answer 3 · answered Jul 23 '17 at 09:25

1

It is as I first suspected and mentioned in my comment. You SSL config seems correct since it reports the connection is secure. You are using a self signed certificate, which is fine for development, but it not signed by a recognized Certificate Authority and therefore the browser will not trust it. However once you deploy your project to the general public you will want to purchase a certificate from a recognized Certificate Authority. Once you have that certificate then this error will go away.

answered Jul 23 '17 at 09:25

Chris Baldwin

539
3
9

ok, is there any way I can get fully functional SSL certificate on my local development? I'm using Nginx. – Parth Vora Jul 23 '17 at 12:41
Technically the SSL connection is working. The connection is encrypted. All the browser is trying to bring to your attention is that the certificate that is being used has not been verified by a certificate authority that the browser recognizes. In development that should not be a problem because you know where the certificate comes from. Once you have the public accessing your site then you will want to change it so other people will know they can trust your site. – Chris Baldwin Jul 23 '17 at 17:23
You can always buy a certificate from a certificate authority to use in development, however that seems like an unnecessary development expense to me. – Chris Baldwin Jul 23 '17 at 18:34

score 0 · Answer 4 · answered Jun 04 '21 at 22:36

0

If you use Laravel 8 Homestead with packages like Cashier/Stripe a good workaround with Firefox is applying certification exception for your server, query for "about:preferences" then search for certificates and add the exception.

answered Jun 04 '21 at 22:36

CutePotato

191
1
8

Use SSL on Laravel Homestead

4 Answers4

Linked