mmccall10 · September 18, 2016 00:09
diff --git a/localcert.txt b/localcert.txt
 Excute:
 openssl req -x509 -newkey rsa:2048 -keyout domain.key -out domain.csr -days 1000 -nodes -subj '/CN=domain.com'
 *files are generated in cwd

 Note:
 -nodes (prevents asking for password)

 -subj '/CN=domain.com' (assigns it to the correct local domain)

 After cert is created make sure its in the nginx config
 In ther server block and nginx conf make sure ssl is on:

 #/etc/nginx/ngix.conf
 http {

    #make sure ssl is on
    ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    
 }

 #/etc/nginx/sites-available/site.conf
 server {

    #SSL
    listen 443 ssl;
    ssl_certificate /path/to/cert/domain.key;
    ssl_certificate_key /home/vagrant/sites/enlistlyapps/enlistly/domain.key;

 }

 NEXT:

 1. Open up chrome and access https url.
 2. When you see the warning proceed to access the site anyways (its' your site, you trust it right?)
 3. Double click the red x in the bar and view the certificate or click view more details and then click the view certificate button 
 4. Drag the certificate to your Desktop
 5. Double click the certificate (this will open keychain access)
 6. From keychain access click file > import and select your key chain
 7. Once imported right click on your certificate (or click info icon) and select the trust dropdown
 8. Select Always Trust
 9. Restart Chrome. Now you should have the trusted green lock!

 *I understand this is a specific use case. If you come across this and it does not meet you needs I apologize. 
 However, I do understand many developers use Mac and nginx to develop locally therefore, I decided to add this publicly in the event it helps at least on person out.
 Selfishly, I made this as a backup to my ever revolving memory. Enjoy!
	Excute:
	openssl req -x509 -newkey rsa:2048 -keyout domain.key -out domain.csr -days 1000 -nodes -subj '/CN=domain.com'
	*files are generated in cwd

	Note:
	-nodes (prevents asking for password)

	-subj '/CN=domain.com' (assigns it to the correct local domain)

	After cert is created make sure its in the nginx config
	In ther server block and nginx conf make sure ssl is on:

	#/etc/nginx/ngix.conf
	http {

	#make sure ssl is on
	ssl on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	}

	#/etc/nginx/sites-available/site.conf
	server {

	#SSL
	listen 443 ssl;
	ssl_certificate /path/to/cert/domain.key;
	ssl_certificate_key /home/vagrant/sites/enlistlyapps/enlistly/domain.key;

	}

	NEXT:

	1. Open up chrome and access https url.
	2. When you see the warning proceed to access the site anyways (its' your site, you trust it right?)
	3. Double click the red x in the bar and view the certificate or click view more details and then click the view certificate button
	4. Drag the certificate to your Desktop
	5. Double click the certificate (this will open keychain access)
	6. From keychain access click file > import and select your key chain
	7. Once imported right click on your certificate (or click info icon) and select the trust dropdown
	8. Select Always Trust
	9. Restart Chrome. Now you should have the trusted green lock!

	*I understand this is a specific use case. If you come across this and it does not meet you needs I apologize.
	However, I do understand many developers use Mac and nginx to develop locally therefore, I decided to add this publicly in the event it helps at least on person out.
	Selfishly, I made this as a backup to my ever revolving memory. Enjoy!