-
Certificate Authority
-
Generate a root key (provide a password):
openssl genrsa -des3 -out rootCA.key 2048 -
Generate a root certificate
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 730 -out rootCert.pem
-
-
Server certificate
-
Generate a server key:
openssl genrsa -out server.key 2048 -
Request a server certificate (with "localhost" subjectAltName):
openssl req -new -key server.key -out server.csr -addext "subjectAltName = DNS:localhost" -
Sign the server certificate with the root certificate (using password and copying the subjectAltName extension):
openssl x509 -req -in server.csr -CA rootCert.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 730 -sha256 -copy_extensions copy
-
-
HTTP Server
-
Configure the server to use the server key and certificate. E.g. in Node.js:
const https = require("node:https"); const fs = require("node:fs"); const options = { key: fs.readFileSync("server.key"), cert: fs.readFileSync("server.crt"), }; https.createServer(options, ...);
-
-
Wrangler
-
Configure Wrangler to trust the root certificate:
NODE_EXTRA_CA_CERTS=rootCert.pem wrangler dev
-
Last active
October 22, 2024 15:52
-
-
Save petebacondarwin/804f390138570eb99e34c974c0c68585 to your computer and use it in GitHub Desktop.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment