如何为localhost创建自签名证书？ [英] How can I create a self-signed cert for localhost?

问题描述

我已经完成了你如何使用的详细步骤本地主机上的https / SSL？但这会为我的机器名设置一个自签名证书，并在通过 https：//进行浏览时localhost 我收到IE警告。

I've gone through the steps detailed in How do you use https / SSL on localhost? but this sets up a self-signed cert for my machine name, and when browsing it via https://localhost I receive the IE warning.

有没有办法为localhost创建自签名证书以避免此警告？

Is there a way to create a self-signed cert for "localhost" to avoid this warning?

推荐答案

虽然这篇文章的帖子被标记为Windows，但OS X上的相关问题我还没有看到其他地方的答案。以下是在 OS X 上为localhost创建自签名证书的步骤：

Although this post is post is tagged for Windows, it is relevant question on OS X that I have not seen answers for elsewhere. Here are steps to create a self-signed cert for localhost on OS X:

# Use 'localhost' for the 'Common name'
openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 365 -keyout localhost.key -out localhost.crt

# Add the cert to your keychain
open localhost.crt

在钥匙串访问，双击这个新的localhost证书。展开信任旁边的箭头，然后选择始终信任。 Chrome和Safari现在应该信任此证书。例如，如果要将此证书与node.js一起使用：

In Keychain Access, double-click on this new localhost cert. Expand the arrow next to "Trust" and choose to "Always trust". Chrome and Safari should now trust this cert. For example, if you want to use this cert with node.js:

var options = {
    key: fs.readFileSync('/path/to/localhost.key').toString(),
    cert: fs.readFileSync('/path/to/localhost.crt').toString(),
    ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384',
    honorCipherOrder: true,
    secureProtocol: 'TLSv1_2_method'
};

var server = require('https').createServer(options, app);

这篇关于如何为localhost创建自签名证书？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！