An Interest In:
Web News this Week
- April 3, 2024
- April 2, 2024
- April 1, 2024
- March 31, 2024
- March 30, 2024
- March 29, 2024
- March 28, 2024
creating a self signed ssl certificate and making your browser trust it
So i needed to make localhost with ssl certificate but couldn't find a way to create a certificate. After a few hours i found the solution. So first of all:
1) openssl genrsa -out rootCA.key 2048
2) openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
After those 2 commands you should get 2 files (rootCA.key & rootCA.pem
3) Now let's create a bash script. I'll name it create_certificate_for_domain.sh
to begin type this lines:
if [ -z "$1" ]then echo "Please supply a subdomain to create a certificate for"; echo "e.g. mysite.localhost" exit;fiif [ -f device.key ]; then KEY_OPT="-key"else KEY_OPT="-keyout"fiDOMAIN=$1COMMON_NAME=${2:-$1}SUBJECT="/C=CA/ST=None/L=NB/O=None/CN=$COMMON_NAME"NUM_OF_DAYS=999cat v3.ext | sed s/%%DOMAIN%%/$COMMON_NAME/g > /tmp/__v3.extopenssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days $NUM_OF_DAYS -sha256 -extfile /tmp/__v3.extmv device.csr $DOMAIN.csrcp device.crt $DOMAIN.crtrm -f device.crt;
4) create csr file
openssl req -new -newkey rsa:2048 -sha256 -nodes $KEY_OPT device.key -subj "$SUBJECT" -out device.csr
5) now we have to create a support file with settings. I'll call it v3.ext
authorityKeyIdentifier=keyid,issuerbasicConstraints=CA:FALSEkeyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEnciphermentsubjectAltName = @alt_names[alt_names]DNS.1 = %%DOMAIN%%DNS.2 = *.%%DOMAIN%%
5) Now run the script./create_certificate_for_domain.sh mysite.localhost
6) We get 2 files: mysite.localhost.crt && device.key
7) We have to link them to our localhost (nginx example)
8)open our link in browser. you should get security error
9) go into keychain and trust our mysite.localhost.crt
10) open the browser again and open localhost. That's it, you should be good to go!
Original Link: https://dev.to/cvltyxd/creating-a-self-signed-ssl-certificate-and-making-your-browser-trust-it-2blo
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To