Skip to content

Instantly share code, notes, and snippets.

@rafaelsteil

rafaelsteil/instructions.md

Created April 25, 2023 02:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rafaelsteil/e9e588d5de03543d1a7df93d90fe2d24 to your computer and use it in GitHub Desktop.
Save rafaelsteil/e9e588d5de03543d1a7df93d90fe2d24 to your computer and use it in GitHub Desktop.
Download ZIP
Self signed SSL certificate for local development
Raw
instructions.md

Instructions on how to generate a self signed ssl certificate and enable it on the OS level so that browsers accept it.

1. Add domains to /etc/hosts

These are the domains you plan to access over https

e.g:

127.0.0.1 local.dev
127.0.0.1 site1.local.dev
127.0.0.1 site2.local.dev
127.0.0.1 site1.dev
127.0.0.1 site2.dev

OpenSSL

It's necessary to have openssl >= 3, check with openssl version. If necessary, run brew install openssl to install the newest version. More details on https://blog.lukaskukacka.com/ios/2020/09/10/ios13-macos1015-generating-self-signed-certificates.html

To create a self signed certificate listing all domains that should be supported:

openssl req -x509 -nodes -days 9999 -newkey rsa:4096 \
    -addext "subjectAltName = DNS:local.dev,DNS:site1.local.dev,DNS:site2.local.dev,DNS:site1.dev,DNS:site2.dev" \
    -addext "extendedKeyUsage = serverAuth" \
    -keyout local_dev.key -out local_dev.crt

To install the certificate on OSX run:

sudo security add-trusted-cert -d -r trustRoot \
  -k /Library/Keychains/System.keychain `pwd`/local_dev.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment