Generate a Self-Signed SSL Certificate
To generate a self-signed SSL certificate that can be used for Firefox and Chrome to access a localhost server on your local machine, follow these steps using OpenSSL.
Create an OpenSSL configuration file
Create a file named localhost.cnf with the following content
[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[dn]
C = US
ST = California
L = YourCity
O = YourOrganization
OU = YourOrganizationalUnit
CN = localhost
[req_ext]
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
Generate the private key
openssl genpkey -algorithm RSA -out localhost.key -pkeyopt rsa_keygen_bits:2048
Generate the CSR using the configuration file
openssl req -new -key localhost.key -out localhost.csr -config localhost.cnf
Generate the self-signed certificate with SAN
openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt -extensions req_ext -extfile localhost.cnf
Import the Certificate on Windows
- Press Windows + R and type
certmgr.msc, then hit Enter. - Choose Trusted Root Certification Authorities.
- Right-click on Certificates, All Tasks, then choose Import.
- Select the
localhost.crtfile. - Make sure to place the certificate in the Trusted Root Certification Authorities folder.
Configure Your Server
Make sure your server is correctly configured to use the generated key and certificate files.
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /path/to/localhost.crt;
ssl_certificate_key /path/to/localhost.key;
# Other server configurations
}
Restart Your Server
After updating the server configuration, restart your web server to apply the changes.
Check the Certificate
After completing these steps, you should be able to access https://localhost in Chrome without any certificate errors. If the issue persists, clear the browser cache and restart the browser.