Self-signed SSL certificates not working with MAMP and Chrome

Question

SSL certificates created by MAMP are not working in Chrome. I'm getting a "Not secure" issue.

Is there a workaround for this?

Also see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) You will also need to place the self-signed certificate in the appropriate trust store. — jww, Jun 17 '17 at 14:52

codewithfeeling · Accepted Answer · 2020-09-23T23:05:59.517

**NOTE: Since I posted this, Google have acquired the .dev top level domain, so it's not advised to use .dev hostnames for your local development. I use *.dv now. When reading this answer, please replace .dev with .test or something else when recreating the steps in your own project. Use of .local is not advised **

Chrome now requires SSL certificates to use the "Subject Alt Name" (SAN) rather than the old Common Name. This breaks self-signed certs previously generated by MAMP.

Fortunately, the workaround is pretty straightforward.

Here are all the steps from the very first moment of setting a host to be SSL in MAMP Pro. If you previously created SSL certificates in MAMP, then I've found that deleting them and starting again using this method works.

Create your hostname, eg. test.dev and select your document root
Click the SSL tab, and check the "SSL" box. Make sure you leave the other checkbox "Only allow connections using TLS protocols" unchecked.

Click the "Create self signed certificate" button and fill in the popup form with the relevant details. Click "Generate" and save the certificate in /Applications/MAMP/Library/OpenSSL/certs/

Save your changes in MAMP, and restart the servers.
Click the round arrow button beside "Certificate file" in the MAMP SSL panel (Show in Finder). Double click the .crt file that is highlighted - it should be named like your host, eg. if your host is test.dev then your certificate file will be test.dev.crt. This should open Keychain Access and you should see the new certificate in there.
Right click / Control click on the certificate, and choose "Get Info". Click the drop-down triangle beside "Trust"

From the "When using this certificate" selector, choose "Always Trust" - every selector should change to show "Always Trust". Close that window. It will ask for your Mac OS system password to make that change. You should see that the certificate icon shows a little blue plus sign icon over it, marking it as trusted.

Restart Chrome.
Visit your new hostname, and enjoy the green https in the browser bar.

the tld .local can make page reload slow in some cases (due to rate limiting defaults for .local domains on mac or something). So I use .test now — kevnk, Jan 29 '20 at 19:31
@kevnk - yes, I've heard that too. I'm going to overhaul the answer to work with the latest version of MAMP and will include this. — codewithfeeling, Jan 29 '20 at 21:58
Brilliant explanation. The screenshots make a big difference. Thank you. — Mark Notton, Sep 09 '20 at 13:18
Two relevant discussions to the .TLD thing... [What TLD do you use for local development? | Hacker News](https://news.ycombinator.com/item?id=12578908) and [What would be a better tld than .dev?](https://github.com/typicode/hotel/issues/218) — brasofilo, Nov 01 '20 at 22:59

score 6 · Answer 2 · answered Oct 30 '18 at 06:50

6

I followed the answers. What worked for me was setting the port number to 443 in the general tab

answered Oct 30 '18 at 06:50

Jadrenko

71
2
8

score 4 · Answer 3 · answered Jan 01 '18 at 11:53

4

If the solution above doesn't help, go to chrome://flags look for "Allow invalid certificates for resources loaded from localhost" and enable it, restart Chrome and you should be good to go.

answered Jan 01 '18 at 11:53

Xelance

112
2

1

Hi, I have tried both adding trusted certificates and adding this flag. I can confirm that both are in place, but this is still not working? – GCien Feb 26 '18 at 09:15

score 3 · Answer 4 · answered Apr 12 '18 at 13:33

3

For those that are still having issues, try using port 8890. The default MAMP ssl port is 8890 so visit https://test.dev:8890. Worked for me.

answered Apr 12 '18 at 13:33

Douglas Rogers

398
2
9

score 1 · Answer 5 · answered Jan 30 '19 at 16:43

For me, it wasn't necessary to use MAMP Ports but instead they were kept at Apache defaults. I also didn't need to specify port 443. What did help once I created the self-signed cert was to install the certificate icon that shows in Chrome into my Mac Keychain by dragging the image to the desktop and double-clicking it. Once it's installed into the Mac Keychain, you can set it to trust the cert.

Refer to this illustrated answer: https://www.accuweaver.com/2014/09/19/make-chrome-accept-a-self-signed-certificate-on-osx/

MAMP Pro 4.5
Chrome 71

THANK YOU! I've been trying to work this out for ages! – Jammer May 01 '19 at 13:11 — Jammer, May 01 '19 at 13:11

Self-signed SSL certificates not working with MAMP and Chrome

5 Answers5