Created
April 17, 2022 11:25
-
-
Save afedotov/a742b694c8b2f1e762d1a66b66a60fd8 to your computer and use it in GitHub Desktop.
Create self-signed root CA certificate on macOS for local development purposes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| set -e | |
| openssl genrsa -aes256 -passout env:PASSWORD -out certs/dev-root-CA-key.pem 4096 | |
| openssl req \ | |
| -new \ | |
| -sha256 \ | |
| -subj "/CN=dev-root-CA" \ | |
| -key certs/dev-root-CA-key.pem \ | |
| -out certs/dev-root-CA-csr.pem \ | |
| -passin env:PASSWORD \ | |
| openssl x509 \ | |
| -req \ | |
| -sha256 \ | |
| -days 3650 \ | |
| -in certs/dev-root-CA-csr.pem \ | |
| -signkey certs/dev-root-CA-key.pem \ | |
| -out certs/dev-root-CA-crt.pem \ | |
| -extfile <(printf "basicConstraints=critical,CA:true,pathlen:1\nkeyUsage=digitalSignature,keyCertSign,cRLSign") \ | |
| -passin env:PASSWORD \ | |
| openssl x509 -in certs/dev-root-CA-crt.pem -noout -text > certs/dev-root-CA-crt.txt | |
| # | |
| # Add dev-root-CA certificate to macOS keychain: | |
| # | |
| # $ security add-trusted-cert -k login.keychain certs/dev-root-CA-crt.pem | |
| # | |
| # |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment