Best IT Recipes

How to create a self-signed certificate for localhost?

I went through the steps described in How do you use https / SSL on localhost? , but this sets up a self-signed certificate for my machine name, and when viewing it through https: // localhost I get an IE warning.

Is there a way to create a self-signed certificate for "localhost" to avoid this warning?

+70
windows-7 iis ssl-certificate
Nov 17 '11 at 15:43
source share
6 answers

Although this message was sent for Windows, this is an OS X question that I have not seen elsewhere. Here are the steps to create a self-signed certificate for localhost on OS X :

# Use 'localhost' for the 'Common name' openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 365 -keyout localhost.key -out localhost.crt # Add the cert to your keychain open localhost.crt

In Keychain Access double-click this new localhost certificate. Expand the arrow next to Trust and select Always Trust. Chrome and Safari must now trust this certificate. For example, if you want to use this certificate using node.js:

 var options = { key: fs.readFileSync('/path/to/localhost.key').toString(), cert: fs.readFileSync('/path/to/localhost.crt').toString(), ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384', honorCipherOrder: true, secureProtocol: 'TLSv1_2_method' }; var server = require('https').createServer(options, app);
+51
Aug 23 '15 at 17:28
source share
— -

After spending a lot of time on this issue, I found that whenever I watched the suggestions for using IIS to create a self-signed certificate, I found that Issued To and Issued by was wrong. SelfSSL.exe was the key to solving this problem. The following website not only provided a phased approach to self-signed certificates, but also resolved the issue with issue and release. Here is the best solution I have found for creating self-signed certificates. If you prefer to see the same tutorial as a video, click here .

An example of using SelfSSL would look something like this:

SelfSSL / N: CN = YourWebsite.com / V: 1000 / S: 2

SelfSSL /? will provide a list of parameters with an explanation.

+43
Jul 25 '13 at 1:51 on
source share

If you are trying to create a self-signed certificate that allows you to go http://localhost/mysite Then here is a way to create it

 makecert -r -n "CN=localhost" -b 01/01/2000 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.1 -sv localhost.pvk localhost.cer cert2spc localhost.cer localhost.spc pvk2pfx -pvk localhost.pvk -spc localhost.spc -pfx localhost.pfx

From http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/32bc5a61-1f7b-4545-a514-a11652f11200

+21
Apr 30 '12 at 1:17
source share

You can use PowerShell to create a self-signed certificate using the new-selfsignedcertificate cmdlet:

 New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation "cert:\LocalMachine\My"

Note. makecert.exe is deprecated.

Command Reference: https://technet.microsoft.com/itpro/powershell/windows/pkiclient/new-selfsignedcertificate

+15
May 24 '17 at 17:05
source share

I would recommend the Pluralsight tool for creating self-signed certificates: http://blog.pluralsight.com/selfcert-create-a-self-signed-certificate-interactively-gui-or-programmatically-in-net

Make your certificate as .pfx and import it into IIS. And add it as a trusted root certification authority.

+6
Oct 23 '15 at 8:04
source share

Yes and no. Self-signed certificates result in this warning message because the certificate was not signed by a trusted certificate authority. There are several options you can consider to remove this warning on your local computer. See Answers to this question with the highest rating:

What do I need to do to get Internet Explorer 8 to accept a self-signed certificate?

Hope this helps!



EDIT:

Sorry, I didn’t initially know that you are limited to the local host. You can try to follow the instructions at the link below to "Create a self-signed certificate with the correct common name."

http://www.sslshopper.com/article-how-to-create-a-self-signed-certificate-in-iis-7.html

0
Nov 17 '11 at 15:51
source share


More articles:


All Articles