Make Chromium accept self-signed certificates on localhost server.
- Arch
- Nginx
# Navigate to folder
cd /etc/nginx/ssl
# Become a Certificate Authority
# Generate private key
sudo openssl genrsa -des3 -out myCA.key 2048
# Generate root certificate
sudo openssl req -x509 -new -nodes -key myCA.key -sha256 -days 825 -out myCA.pem
# Create CA-signed certs
# Set global variable
NAME=mydomain.com # Use your own domain name
# Generate a private key
sudo openssl genrsa -out $NAME.key 2048
# Create a certificate-signing request
sudo openssl req -new -key $NAME.key -out $NAME.csr
# Generate cert
# Create a config file for the extensions
sudo nano $NAME.ext
# Insert (change $NAME to value manually) >>
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $NAME # Be sure to include the domain name here because Common Name is not so commonly honoured by itself
DNS.2 = app.$NAME # Optionally, add additional domains (I've added a subdomain here)
IP.1 = 192.168.0.13 # Optionally, add an IP address (if the connection which you have planned requires it)
# End <<<
# Create the signed certificate
sudo openssl x509 -req -in $NAME.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out $NAME.crt -days 825 -sha256 -extfile $NAME.ext
# Validate cert
openssl verify -CAfile myCA.pem -verify_hostname app.mydomain.com mydomain.com.crt
# Chromium -> SSL -> Manage certificates -> Authorities -> Import (myCA.pem) -> Trust all
- Based on JellicleCat answer on SO#7580508 *