Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
create self-signed certificate for localhost
# SSL self signed localhost for rails start to finish, no red warnings.
# 1) Create your private key (any password will do, we remove it below)
$ openssl genrsa -des3 -out server.orig.key 2048
# 2) Remove the password
$ openssl rsa -in server.orig.key -out server.key
# 3) Generate the csr (Certificate signing request) (Details are important!)
$ openssl req -new -key server.key -out server.csr
# IMPORTANT
# MUST have localhost.ssl as the common name to keep browsers happy
# (has to do with non internal domain names ... which sadly can be
# avoided with a domain name with a "." in the middle of it somewhere)
Country Name (2 letter code) [AU]:
...
Common Name: localhost.ssl
...
# 4) Generate self signed ssl certificate
$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
# 5) Finally Add localhost.ssl to your hosts file
$ echo "127.0.0.1 localhost.ssl" | sudo tee -a /private/etc/hosts
# 6) Boot thin
$ thin start --ssl --ssl-verify --ssl-key-file server.key --ssl-cert-file server.crt
# 7) Add server.crt as trusted !!SYSTEM!! (not login) cert in the mac osx keychain
# Open keychain tool, drag .crt file to system, and trust everything.
# Notes:
# 1) Https traffic and http traffic can't be served from the same thin process. If you want
# both you need to start two instances on different ports.
#
#
@dellwatson

This comment has been minimized.

Copy link

dellwatson commented Nov 29, 2017

what is line 34 doing ? "sudo tee -a /private/etc/hosts ?
sorry i'm newbie

and also what is "thin" ?? cause im using linux.

@bendubuisson

This comment has been minimized.

Copy link

bendubuisson commented Dec 10, 2017

@dellryuzi
it's copying "127.0.0.1 localhost.ssl" at the end of the file /private/etc/hosts
https://en.wikipedia.org/wiki/Tee_(command)

Thin is a lightweight web server http://code.macournoyer.com/thin/

@erikyuzwa

This comment has been minimized.

Copy link

erikyuzwa commented Feb 15, 2018

this saved my a$$ when setting up a Grunt task to allow local AngularJS client debugging, and proxying /api requests to a staging environment. 🎩 well done and thank you OP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.