Last active
January 23, 2018 12:54
-
-
Save kentork/bad5207b2b299ed08acaee4435ddbe55 to your computer and use it in GitHub Desktop.
CA for localhost
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| localhost { | |
| tls {$USERPROFILE}/.local-ca/devserver.crt {$USERPROFILE}/.local-ca/devserver.key | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Add functions to your profile | |
| ## Referance | |
| # https://medium.freecodecamp.org/how-to-get-https-working-on-your-local-development-environment-in-5-minutes-7af615770eec | |
| $rootCA_conf_url = "https://gist.githubusercontent.com/kentork/bad5207b2b299ed08acaee4435ddbe55/raw/ba22b79bfd875f9f020cbeb625e4ca04615ee572/rootCA.conf" | |
| $devserver_conf_url = "https://gist.githubusercontent.com/kentork/bad5207b2b299ed08acaee4435ddbe55/raw/ba22b79bfd875f9f020cbeb625e4ca04615ee572/devserver.conf" | |
| $v3_ext_url = "https://gist.githubusercontent.com/kentork/bad5207b2b299ed08acaee4435ddbe55/raw/ba22b79bfd875f9f020cbeb625e4ca04615ee572/v3.ext" | |
| function create-devcert { | |
| if (Test-Path "~/.local-ca/devserver.crt") { | |
| $ok = Confirm-No "'~/.local-ca/devserver.crt' is already Exists. Overwrite ?" | |
| if (! $ok) {Write-Abort "`r`nAborted."; return} | |
| Remove-Item "~/.local-ca/devserver.crt", "~/.local-ca/devserver.csr", "~/.local-ca/devserver.key" | |
| } | |
| $result = New-Item -ItemType Directory -Force -Path ~/.local-ca | |
| Push-Location ~/.local-ca | |
| if ( -not (Test-Path "~/.local-ca/rootCA.crt")) { | |
| $result = Invoke-WebRequest -Uri $rootCA_conf_url -OutFile rootCA.conf | |
| Write-Host "Generate RSA key for Root SSL Certificate" -ForegroundColor DarkYellow | |
| $result = openssl genrsa -des3 -out rootCA.key 2048 | |
| Write-Host "Generate Root SSL Certificate" -ForegroundColor DarkYellow | |
| $result = openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 365 -out rootCA.crt -config rootCA.conf | |
| } | |
| $result = Invoke-WebRequest -Uri $devserver_conf_url -OutFile devserver.conf | |
| $result = Invoke-WebRequest -Uri $v3_ext_url -OutFile v3.ext | |
| Write-Host "" | |
| Write-Host "Generate SSL Certificate for 'localhost' domain" -ForegroundColor DarkYellow | |
| $result = openssl req -new -sha256 -nodes -out devserver.csr -newkey rsa:2048 -keyout devserver.key -config devserver.conf | |
| Write-Host "Signing to Certificate for localhost by Root SSL Certification" -ForegroundColor DarkYellow | |
| $result = openssl x509 -req -in devserver.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out devserver.crt -days 365 -sha256 -extfile v3.ext | |
| Pop-Location | |
| Write-Host "" | |
| Write-Host "Done." -ForegroundColor DarkYellow | |
| } | |
| function enable-devcert { | |
| if (Test-Path "~\.local-ca\rootCA.crt") { | |
| Start-Process -FilePath powershell.exe -ArgumentList { | |
| Import-Certificate -FilePath "~\.local-ca\rootCA.crt" -CertStoreLocation Cert:\LocalMachine\Root | |
| } -verb RunAs -Wait | |
| Write-Host "Done." -ForegroundColor DarkYellow | |
| } else { | |
| Write-Host "~\.local-ca\rootCA.crt is not exists." -ForegroundColor DarkYellow | |
| } | |
| } | |
| function disable-devcert { | |
| Start-Process -FilePath powershell.exe -ArgumentList { | |
| Get-ChildItem Cert:\LocalMachine\Root | where { $_.Subject -match 'CN=Local Certificate Root For Development' } | Remove-Item | |
| } -verb RunAs -Wait | |
| Write-Host "Done." -ForegroundColor DarkYellow | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [req] | |
| default_bits = 2048 | |
| prompt = no | |
| default_md = sha256 | |
| distinguished_name = dn | |
| [dn] | |
| C=JP | |
| ST=Development | |
| L=Development | |
| O=Development | |
| OU=Developer | |
| CN=localhost | |
| [email protected] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [req] | |
| default_bits = 2048 | |
| prompt = no | |
| default_md = sha256 | |
| distinguished_name = dn | |
| [dn] | |
| C=JP | |
| ST=Development | |
| L=Development | |
| O=Development | |
| OU=Developer | |
| CN=Local Certificate Root For Development | |
| [email protected] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| authorityKeyIdentifier=keyid,issuer | |
| basicConstraints=CA:FALSE | |
| keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment | |
| subjectAltName = @alt_names | |
| [alt_names] | |
| DNS.1 = localhost |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment