As igalic Show archive.org snapshot commented on this gist Show archive.org snapshot .
openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -keyout server.key -out server.crt
Create a new request ...
-newkey
: ... using a new key ...
... of type RSA, 2048 bits long.
-sha1
: Make sure to use SHA1 as this certificate's hashing algorithm,
-nodes
: don't encrypt the key and
-x509
: make it an X.509 certificate, not a Certificate Signing Request.
The linked tool mkcert Show archive.org snapshot helps you to setup locally-trusted development certificates. We also have cards that describe how to use SSL in development with Passenger, Puma and Thin.
mkcert
will create a certificate for development without any configuration and add it to the system trust store.
Download a current pre-built binary
here
Show archive.org snapshot
, e.g. mkcert-v1.4.4-linux-amd64
. Move it to a directory in your PATH
and make it executable.
$ chmod +x ~/Downloads/mkcert-v1.4.4-linux-amd64
$ mv ~/Downloads/mkcert-v1.4.4-linux-amd64 ~/bin
$ mkcert-v1.4.4-linux-amd64 localhost
Created a new local CA 💥
...
See Web development: Accepting a self-signed certificate in Google Chrome.