Skip to content

Instantly share code, notes, and snippets.

Last active December 29, 2023 19:35
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save paulcpederson/6e2ff7e85d396e4df007e8a5a00e8a1b to your computer and use it in GitHub Desktop.
Creating Valid Certificates for Local Development

Creating the Root Certificate

You only need to do this once for your computer. All subsequent certificates you make will get generated from this root cert.

First, generate a private key:

openssl genrsa -des3 -out myCA.key 2048

Next, make a root certificate using that key. Use the password you just chose. You can skip all the answers except for Common Name as you'll need to find that in a list later.

openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem

Add your root certificate to the Keychain app on Mac.

sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" myCA.pem

Double click it and always trust.

Creating Certificates

Once your root cert is trusted, you can generate certificates for each project. I'll use but replace this with whatever dev url you use in your hosts file.

First, create a private key:

openssl genrsa -out 2048

Then create a csr:

openssl req -new -key -out

After that, create a configuration file for the project. Create a file named

keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

DNS.1 =
DNS.2 =

Finally, create and sign the certificate:

openssl x509 -req -in -CA myCA.pem -CAkey myCA.key -CAcreateserial -out -days 1825 -sha256 -extfile

Editing the Hosts File

Now you have a certificate that's valid for, so you'll need to develop against that.

Open your hosts file (/private/etc/hosts on mac) and add a new line like:

Save the file. Now, while developing, have your dev server use the generated certificate files and develop against using whatever port numbers the server uses.

Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment