Create certificate on localhost

Create wildcard Self-Signed Certificate.md

Create a file named openssl.cnf

Put in this file the following code:

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req

[req_distinguished_name]
commonName = mydomain.com
commonName_max = 64

[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = mydomain.com
DNS.2 = *.mydomain.com

Run the commands below

• To create the Private key:

sudo openssl genrsa -out server.key 2048

• To create Certificate Signing Request (CSR):

sudo openssl req -new -out server.csr -key server.key -config openssl.cnf

Input the CN on the terminal, the same domain that you put in the openssl.cnf file.

• To sign the SSL Certificate:

sudo openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt -extensions v3_req -extfile openssl.cnf

create_certificate_localhost.md

• Run this command to generate the key

openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout server.key \
    -new \
    -out server.crt \
    -subj /CN=dev.mycompany.com \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat /System/Library/OpenSSL/openssl.cnf \
        <(printf '[SAN]\nsubjectAltName=DNS:dev.mycompany.com')) \
    -sha256 \
    -days 3650

• Open on the mac -> keychain Access.app

• Drag your server.crt and drop inside access.app

• Double click in the certificate and mark "Always trust"

• Open your vhost and configure your SSLCertificateFile

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/etc/apache2/certs/server.crt"
SSLCertificateKeyFile "/etc/apache2/certs/server.key"

• Restart your apache