pick a top level domain you want to use, I choose calvin, replace YOURNAME with this
export TLS=YOURNAME
brew install dnsmasq
mkdir -pv $(brew --prefix)/etc
sudo cp -v $(brew --prefix dnsmasq)/homebrew.mxcl.dnsmasq.plist /Library/LaunchDaemons
sudo launchctl load -w /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
sudo mkdir -pv /etc/resolver
echo "address=/.$TLS/::11\naddress=/.$TLS/127.0.0.1" | sudo tee -a $(brew --prefix)/etc/dnsmasq.conf
echo "nameserver 127.0.0.1" | sudo tee /etc/resolver/$TLS
likely want to make a folder to do this
openssl req -x509 -newkey rsa:2048 -sha224 -nodes -keyout cakey.pem -out ca.pem
These next steps are per project, do them from the project folder
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
default_md = sha224
[req_distinguished_name]
CN = ${PWD##*/}.$TLD
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
openssl req -in openssl.conf -nodes -newkey rsa:2048 -sha224 -config openssl.conf -keyout ssl.key -out ssl.req
openssl x509 -req -in ssl.req -sha224 -extfile openssl.conf -CA ~/ca/ca.pem -CAkey ~/ca/cakey.pem -out ssl.cert
# use -CAcreateserial the first time