score:1

Accepted answer

use something like root ssl certificate

generate a key

openssl genrsa -des3 -out rootca.key 2048

with they key you can generate a certificate which is good for 1,024 days

openssl req -x509 -new -nodes -key rootca.key -sha256 -days 1024 -out rootca.pem

open keychain access on your mac and go to the certificates category and emport that rootca.pem generated from the last step. double click and under "when using this certiciate" select 'always trust'

create an openssl configuration file

 server.csr.cnf

 [req]
 default_bits = 2048
 prompt = no
 default_md = sha256
 distinguished_name = dn

 [dn]
 c=us
 st=randomstate
 l=randomcity
 o=randomorganization
 ou=randomorganizationunit
 emailaddress=hello@example.com
 cn = localhost

create a v3.ext file to create a x509 v3 certificate.

authoritykeyidentifier=keyid,issuer
basicconstraints=ca:false
keyusage = digitalsignature, nonrepudiation, keyencipherment, dataencipherment
subjectaltname = @alt_names

[alt_names]
dns.1 = localhost

create a certificate key for localhost using the configuration settings stored in server.csr.cnf. this key is stored in server.key.

openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config <( cat server.csr.cnf )

a certificate signing request is issued via the root ssl certificate we created earlier to create a domain certificate for localhost. the output is a certificate file called server.crt.

openssl x509 -req -in server.csr -ca rootca.pem -cakey rootca.key -cacreateserial -out server.crt -days 500 -sha256 -extfile v3.ext

you’re now ready to secure your localhost with https. move the server.key and server.crt files to an accessible location on your server and include them when starting your server.

in an express app written in node.js, here’s how you would do it. make sure you do this only for your local environment. do not use this in production.

var path = require('path')
var fs = require('fs')
var express = require('express')
var https = require('https')

var certoptions = {
  key: fs.readfilesync(path.resolve('build/cert/server.key')),
  cert: fs.readfilesync(path.resolve('build/cert/server.crt'))
}

var app = express()

var server = https.createserver(certoptions, app).listen(443)

check https://github.com/dakshshah96/local-cert-generator/ for more detailed instructions


Related Query

More Query from same tag