Last active
June 11, 2017 10:16
-
-
Save PoTHuYJoHN/38bb6d7c6fcded6dbb2864ea4f74bd8b to your computer and use it in GitHub Desktop.
Generate SSL certificate on Mac OS and add to virtual host
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STEP 1 | |
| cat > openssl.cnf <<-EOF | |
| [req] | |
| distinguished_name = req_distinguished_name | |
| x509_extensions = v3_req | |
| prompt = no | |
| [req_distinguished_name] | |
| CN = *.ua.l | |
| [v3_req] | |
| keyUsage = keyEncipherment, dataEncipherment | |
| extendedKeyUsage = serverAuth | |
| subjectAltName = @alt_names | |
| [alt_names] | |
| DNS.1 = *.ua.l | |
| DNS.2 = ua.l | |
| EOF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STEP 2 | |
| openssl req \ | |
| -new \ | |
| -newkey rsa:2048 \ | |
| -sha1 \ | |
| -days 3650 \ | |
| -nodes \ | |
| -x509 \ | |
| -keyout ssl.key \ | |
| -out ssl.crt \ | |
| -config openssl.cnf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STEP 3 | |
| mv ssl.crt /etc/apache2/ssl/ua.l.crt | |
| mv ssl.key /etc/apache2/ssl/ua.l.key | |
| rm openssl.cnf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STEP 4 | |
| cd /etc/apache2/ssl | |
| open /Applications/Utilities/Keychain\ Access.app ua.l.crt | |
| Click Don't Trust. | |
| Select the newly imported certificate, which should appear at the bottom of the certificate list, and click the [i] button. | |
| In the popup window, click the ▶ button to the left of Trust, and select Always Trust for When using this certificate:. | |
| Close the popup window. | |
| When prompted, enter your password again and click Update Settings. | |
| Close Keychain Access. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STEP 5 | |
| <VirtualHost *:443> | |
| ServerAdmin webmaster@localhost | |
| ServerName ua.l | |
| ServerAlias *.ua.l | |
| DocumentRoot "/Users/ivan/code/htdocs/ua.l/public" | |
| ErrorLog /var/log/apache2/ua.l_ssl.log | |
| SSLEngine on | |
| SSLCertificateFile /etc/apache2/ssl/ua.l.crt | |
| SSLCertificateKeyFile /etc/apache2/ssl/ua.l.key | |
| </VirtualHost> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment