Open jasonheecs opened 8 years ago
Hi Jason, here is how I enable SSL on this environment:
```bash
#!/usr/bin/env bash
sudo apt-get update
sudo apt-get install -y openssl
sudo a2enmod ssl
sudo mkdir -p /etc/ssl/private/

# Generate a passphrase-protected 4096-bit RSA key
sudo openssl genrsa -des3 -out /etc/ssl/private/magento2.vagrant.key 4096
# User input
# Create a certificate signing request for that key
sudo openssl req -new -key /etc/ssl/private/magento2.vagrant.key -out /etc/ssl/private/magento2.vagrant.csr
# User input
# Self-sign the request, valid for 365 days
sudo openssl x509 -req -days 365 -in /etc/ssl/private/magento2.vagrant.csr -signkey /etc/ssl/private/magento2.vagrant.key -out /etc/ssl/private/magento2.vagrant.crt
# User input
# Write a copy of the key without the passphrase so Apache can start unattended
sudo openssl rsa -in /etc/ssl/private/magento2.vagrant.key -out /etc/ssl/private/magento2.vagrant.key.insecure
# User input
# Keep the encrypted key as .key.secure and use the unencrypted one as .key
sudo mv /etc/ssl/private/magento2.vagrant.key /etc/ssl/private/magento2.vagrant.key.secure
sudo mv /etc/ssl/private/magento2.vagrant.key.insecure /etc/ssl/private/magento2.vagrant.key
sudo service apache2 restart
```
And in magento2.conf, replace the contents with the following. It is better not to use mixed mode, so when HTTPS is enabled, HTTP should be disabled:
```apache
<IfModule ssl_module>
    <VirtualHost *:443>
        ServerName magento2.vagrant
        SSLEngine on
        SSLCertificateFile /etc/ssl/private/magento2.vagrant.crt
        SSLCertificateKeyFile /etc/ssl/private/magento2.vagrant.key
        DocumentRoot /<your_path>/magento2ce
        <Directory /<your_path>/magento2ce>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>
    </VirtualHost>
</IfModule>
```
And there is a tricky part: when you try to enable/disable Varnish (see https://github.com/paliarush/magento2-vagrant-for-developers/blob/2.0/scripts/guest/configure_varnish), your 443 host may be reset.
Jason, if you can resolve issues with varnish and eliminate user input steps - I would be glad to see a PR from you.
Hi @paliarush, yeah, I experimented around with it, and it seems really tricky. Varnish doesn't support SSL termination. How about installing Nginx on the Vagrant box and using it as an SSL termination proxy?
Edit: Never mind, the same issue with Varnish seems to occur even if you use Nginx instead of openssl. May need to relook at this from another perspective.
I think it would be great if there was an automated way to provision the Vagrant box for self-signed SSL support. Maybe it should be a bash script that the user can run? What do you think?
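An added example, not part of the thread: one way to do the self-signed provisioning discussed above without any prompts, creating the key and certificate in a single `openssl req -x509` call and skipping the work when a valid pair already exists. The function names, the SAN entry and the 30-day renewal window are assumptions of this sketch, and it does not address the Varnish issue.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): prompt-free self-signed cert setup.
# Function names and the 30-day renewal window are assumptions.

# SHA-256 of the public key inside a certificate or an unencrypted key.
pubkey_digest() {  # usage: pubkey_digest cert|key <file>
    case "$1" in
        cert) openssl x509 -in "$2" -noout -pubkey ;;
        key)  openssl pkey -in "$2" -passin pass: -pubout ;;
    esac | openssl dgst -sha256
}

# Create <dir>/<host>.key and <dir>/<host>.crt with no user input.
# Returns 0 when a matching key/certificate pair exists afterwards.
generate_dev_cert() {  # usage: generate_dev_cert <dir> <hostname> [days]
    local dir="$1" host="$2" days="${3:-365}"
    local key="$dir/$host.key" crt="$dir/$host.crt"

    # Re-provisioning: keep the existing pair if the certificate is valid
    # for at least 30 more days (2592000 s) and belongs to the key.
    if [ -f "$key" ] && [ -f "$crt" ] &&
       openssl x509 -in "$crt" -noout -checkend 2592000 >/dev/null &&
       [ "$(pubkey_digest cert "$crt")" = "$(pubkey_digest key "$key")" ]; then
        return 0
    fi

    mkdir -p "$dir" || return 1
    rm -f "$key" "$crt"
    # Subshell with umask 077 so the unencrypted key is created owner-only.
    (
        umask 077
        openssl req -x509 -newkey rsa:4096 -sha256 -nodes -days "$days" \
            -keyout "$key" -out "$crt" \
            -subj "/CN=$host" -addext "subjectAltName=DNS:$host"
    ) || return 1
    chmod 644 "$crt"
    # Final check: the certificate must carry the public key of the new key.
    [ "$(pubkey_digest cert "$crt")" = "$(pubkey_digest key "$key")" ]
}
```

Run as root on the guest, for example `generate_dev_cert /etc/ssl/private magento2.vagrant`, then restart Apache; the resulting file names match the `SSLCertificateFile` and `SSLCertificateKeyFile` paths in the virtual host above.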