I need to see how a web application will work with HTTPS. But I can't really find much information around about it. I tried to set up my local Apache but I can't find a CA autorithy to sign my certificate... Hints? Suggestions?
The possibilities to consider are:
Nr. 1 is probably the most widely used solution. You can find instructions here. The only disadvantage is that browsers will complaint about the unknown CA. In Firefox, you can just add a permanent exception and get rid of the warning. (Neither Chrome nor Internet Explorer seem to provide such option.)
Nr. 2 normally costs money so it isn't a popular choice for dev environments.
Nr. 3 can be obtained for free (see https://www.cacert.org/) but they also trigger a browser warning. A difference with nr. 1 is that you have the possibility of adding the CA to your browser's trusted authorities; however, that's a serious decision that requires serious consideration because of its security implications. In general, I would not recommend it for mere testing.
Self-signed certificates (as already mentioned) are probably the easiest option for a single host.
If there are a few hosts, you could create a mini CA of your own. There are tools for this, for example:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With