Created
January 31, 2018 07:16
-
-
Save polevaultweb/c83ac276f51a523a80d8e7f9a61afad0 to your computer and use it in GitHub Desktop.
Easily create local SSL certificates for development sites that work with you own Certificate Authority https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| if [ "$#" -ne 1 ] | |
| then | |
| echo "Usage: Must supply a domain" | |
| exit 1 | |
| fi | |
| DOMAIN=$1 | |
| cd ~/certs | |
| openssl genrsa -out $DOMAIN.key 2048 | |
| openssl req -new -key $DOMAIN.key -out $DOMAIN.csr | |
| cat > $DOMAIN.ext << EOF | |
| authorityKeyIdentifier=keyid,issuer | |
| basicConstraints=CA:FALSE | |
| keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment | |
| subjectAltName = @alt_names | |
| [alt_names] | |
| DNS.1 = $DOMAIN | |
| DNS.2 = $DOMAIN.192.168.1.19.xip.io | |
| EOF | |
| openssl x509 -req -in $DOMAIN.csr -CA ../myCA.pem -CAkey ../myCA.key -CAcreateserial \ | |
| -out $DOMAIN.crt -days 1825 -sha256 -extfile $DOMAIN.ext |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As mtz_federico mentions on the Delicious Brain article recently (Dec 19) macOS Catalina rejects certs valid for more than 825 days
https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/#post-4728028116
@polevaultweb thanks for the script