nhanco/nginx-dev-ssl.sh

## nginx-dev-ssl.sh
# copy default OpenSSL config
cp /usr/local/etc/openssl/openssl.cnf .

# make changes according to https://fbcs.co.uk/self-signed-multiple-domain-ssl-certificates/
vim openssl.cnf

# [alt_names]
# DNS.1 = localhost
# IP.1 = 0.0.0.0
# IP.2 = 127.0.0.1

# generate certificate
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout project.key -out project.crt -config openssl.cnf

# Generating a 2048 bit RSA private key
# ......................+++
# ..................................................................................................................+++
# writing new private key to 'project.key'
# -----
# You are about to be asked to enter information that will be incorporated
# into your certificate request.
# What you are about to enter is what is called a Distinguished Name or a DN.
# There are quite a few fields but you can leave some blank
# For some fields there will be a default value,
# If you enter '.', the field will be left blank.
# -----
# Country Name (2 letter code) [AU]:.
# State or Province Name (full name) [Some-State]:.
# Locality Name (eg, city) []:.
# Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
# Organizational Unit Name (eg, section) []:.
# Common Name (e.g. server FQDN or YOUR name) []:dummy.dev
# Email Address []:.

# add https endpoint
vim nginx.conf

# server {
#   listen 443;
#   server_name ~^(.+)$;
#
#   ssl                  on;
#   ssl_certificate      ssl/project.crt;
#   ssl_certificate_key  ssl/project.key;
#
#   location / {
#     add_header Content-Type text/plain;
#     return 200 'secure gangnam style!';
#   }
# }

sudo brew services restart nginx

# visit https://localhost & make the certificate trustworthy by adding to keychain
# http://www.robpeck.com/2010/10/google-chrome-mac-os-x-and-self-signed-ssl-certificates/
	# copy default OpenSSL config
	cp /usr/local/etc/openssl/openssl.cnf .

	# make changes according to https://fbcs.co.uk/self-signed-multiple-domain-ssl-certificates/
	vim openssl.cnf

	# [alt_names]
	# DNS.1 = localhost
	# IP.1 = 0.0.0.0
	# IP.2 = 127.0.0.1

	# generate certificate
	openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout project.key -out project.crt -config openssl.cnf

	# Generating a 2048 bit RSA private key
	# ......................+++
	# ..................................................................................................................+++
	# writing new private key to 'project.key'
	# -----
	# You are about to be asked to enter information that will be incorporated
	# into your certificate request.
	# What you are about to enter is what is called a Distinguished Name or a DN.
	# There are quite a few fields but you can leave some blank
	# For some fields there will be a default value,
	# If you enter '.', the field will be left blank.
	# -----
	# Country Name (2 letter code) [AU]:.
	# State or Province Name (full name) [Some-State]:.
	# Locality Name (eg, city) []:.
	# Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
	# Organizational Unit Name (eg, section) []:.
	# Common Name (e.g. server FQDN or YOUR name) []:dummy.dev
	# Email Address []:.

	# add https endpoint
	vim nginx.conf

	# server {
	# listen 443;
	# server_name ~^(.+)$;
	#
	# ssl on;
	# ssl_certificate ssl/project.crt;
	# ssl_certificate_key ssl/project.key;
	#
	# location / {
	# add_header Content-Type text/plain;
	# return 200 'secure gangnam style!';
	# }
	# }

	sudo brew services restart nginx

	# visit https://localhost & make the certificate trustworthy by adding to keychain
	# http://www.robpeck.com/2010/10/google-chrome-mac-os-x-and-self-signed-ssl-certificates/