- Create file
san.cnf
[ req ]
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = SAN
extensions = SAN
[ req_distinguished_name ]
countryName = BY
stateOrProvinceName = Minsk
localityName = Minsk
organizationName = Alex
[SAN]
subjectAltName = IP:192.168.31.120
extendedKeyUsage = serverAuth
basicConstraints = CA:TRUE,pathlen:0
- Generate crt and key files
openssl req \
-newkey rsa:2048 \
-x509 \
-nodes \
-keyout myKey.key \
-new \
-out myCert.crt \
-subj /CN=192.168.31.120 \
-config ./san.cnf \
-reqexts SAN \
-extensions SAN \
-sha256 \
-days 365
- Install .crt file on iOS
- Open & Install:
Settings -> Profile Downloaded -> Install
- Enable certificate:
General -> About -> Certificate Trust Settings
- Example of NodeJS server
var https = require('https');
var fs = require('fs');
const options = {
key: fs.readFileSync('./myKey.key'),
cert: fs.readFileSync('./myCert.crt')
};
https.createServer(options, function(request, response) {
response.setHeader('Content-Type', 'application/json');
response.writeHead(200);
response.end('{"test": 1}');
}).listen(3000);
console.log('Server running at http://127.0.0.1:3000/');
Requirements for trusted certificates in iOS 13 and macOS 10.15 - https://support.apple.com/en-us/103769