Skip to content

Instantly share code, notes, and snippets.

@rwoeber
Created December 26, 2013 19:08
Show Gist options
  • Save rwoeber/8137498 to your computer and use it in GitHub Desktop.
Save rwoeber/8137498 to your computer and use it in GitHub Desktop.
Trusted wildcard SSL certs for localhost on osx / mac via http://grosser.it/2013/11/28/trusted-wildcard-ssl-certs-for-localhost-on-osx-mac/
openssl genrsa 2048 > host.key
openssl req -new -x509 -nodes -sha1 -days 3650 -key host.key > host.cert
#[enter *.localhost.dev for the Common Name]
openssl x509 -noout -fingerprint -text < host.cert > host.info
cat host.cert host.key > host.pem
Trust cert
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain host.cert
# nginx.conf
server {
listen 80;
listen 443 default ssl;
ssl_certificate <%= scope.lookupvar "nginx::config::configdir" %>/ssl/localhost.crt;
ssl_certificate_key <%= scope.lookupvar "nginx::config::configdir" %>/ssl/localhost.key;
server_name *.localhost *.localhost.dev;
# nginx.pp
file { "${nginx::config::configdir}/ssl":
ensure => 'directory'
}
$cert = "${nginx::config::configdir}/ssl/localhost.crt"
exec {"trust-nginx-cert":
command => "sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ${cert}",
require => File[$cert],
user => root,
}
file { $cert:
ensure => present,
source => 'puppet:///modules/company-name/ssl/localhost.crt',
notify => Service['dev.nginx']
}
file { "${nginx::config::configdir}/ssl/localhost.key":
ensure => present,
source => 'puppet:///modules/company-name/ssl/localhost.key',
notify => Service['dev.nginx']
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment