Let’s Encrypt is a free (CA) Certificate Authority that has become a popular alternative for generating free SSL certificates. Let’s Encrypt allows you to create a fully functional SSL certification with chain files that is valid for 3 months (90 days). After 3 months, you can automatically renew the SSL certificate again for another 3 months, and so on.
For those of us that host websites using MAMP, you can easily setup your HTTPS sites to use SSL certificates from Let’s Encrypt and have them automatically renewed every 3 months. Let’s get started.
Install CertBot & Create SSL Certificates
- First, we need to install Homebrew for Mac in order to use CertBot from Let’s Encrypt. Type the following command in Terminal to install Homebrew.
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Let Homebrew install and do it’s thing. Homebrew may install other dependencies, so let it.
- Next, type the following command in Terminal to install CertBot.
brew install certbot
- Now, we are ready to create an SSL certificate for a website. Type the following command in Terminal below replacing the paths as follows. This command uses “webroot authentication” method which allows CertBot to verify you are the owner of your website by placing a challenge phrase inside /yoursitefolder/.well-known folder and validating your hosting DNS records.
sudo certbot certonly --webroot -w /Applications/MAMP/htdocs/MYSITE.COM/ -d mysite.com -d www.mysite.com
*Change /Applications/MAMP/htdocs/MYSITE.COM/ to your webroot directory for the site you are creating an SSL certificate for.
*Change mysite.com and www.mysite.com to your domain names.
Hit enter. It only takes a few seconds for CertBot to successfully create your SSL certificates.
- CertBot creates your certificates in a couple locations. Browse to the following path below (Go -> Go to Folder...)
This is where CertBot will store and renew your SSL certificates! CertBot will create .pem files which will work just fine in MAMP Pro.
Live Folder: Alias’ to our real certificate files in archive folder
Archive Folder: Your actual certificate files.
Note: You will have to give yourself access to the Live and Archive folders. Right-Click a folder -> Get Info. Click the lock. Click the “+” and add your Mac user account to the folder and Read & Write access. Click Apply to enclosed items…
- Create an alias of the live folder and move the alias to your desktop.
Configure MAMP Pro to Point to Let’s Encrypt SSL Certificates
- Open MAMP Pro.
- Select the HTTP(S) host version of your website and choose the SSL tab.
- Point to your certificate PEM files. Open each certificate file using the live alias folder on your desktop. Ensure Automatically resolve aliases and symbolic links is checked at the bottom of the window next to options.
Certificate File (.key) = cert1.pem [Key File]
Certificate Key File (.crt) = privkey1.pem [Certificate File]
Certificate Chain File (.crt) = chain1.pem [CA File]
- Click Save. MAMP Pro will restart Apache for the new SSL certificates to take affect.
- Browse to your website and ensure your new Let’s Encrypt certificate is now installed!
Issued by: Let’s Encrypt Authority X3
To ensure you correctly installed your certificates in MAMP Pro, use an SSL validator here.
After 90 days, your SSL certificate will expire. To renew your SSL certificate prior to it expiring, issue the command certbot renew.
You can also automate your SSL certificate renewals. See this article.
Also, see our article on using MAMP to redirect HTTP to HTTPS.