Getting Chrome to accept self-signed localhost certificate

后端 未结 30 2956
小蘑菇
小蘑菇 2020-11-21 11:30

I have created a self-signed SSL certificate for the localhost CN. Firefox accepts this certificate after initially complaining about it, as expected. Chrome and IE, however

30条回答
  •  鱼传尺愫
    2020-11-21 11:58

    As of Chrome 58+ I started getting certificate error on macOS due missing SAN. Here is how to get the green lock on address bar again.

    1. Generate a new certificate with the following command:

      openssl req \
        -newkey rsa:2048 \
        -x509 \
        -nodes \
        -keyout server.key \
        -new \
        -out server.crt \
        -subj /CN=*.domain.dev \
        -reqexts SAN \
        -extensions SAN \
        -config <(cat /System/Library/OpenSSL/openssl.cnf \
            <(printf '[SAN]\nsubjectAltName=DNS:*.domain.dev')) \
        -sha256 \
        -days 720
      
    2. Import the server.crt into your KeyChain, then double click in the certificate, expand the Trust, and select Always Trust

    Refresh the page https://domain.dev in Google Chrome, so the green lock is back.

提交回复
热议问题