Satisfy Chromium/Chrome 58+ strict requirements for self-signed HTTPS/SSL cert. It resolve all errors such as ๐
Subject Alternative Name Missing.
This site is missing a valid, trusted certificate (net::ERR_CERT_COMMON_NAME_INVALID).
This site is missing a valid, trusted certificate (net::ERR_CERT_AUTHORITY_INVALID).
...
Create CA key and cert
$ sh ./create_root_CA_key_and_cert.sh
Create server/domain key
$ sh ./create_certificate_for_domain.sh {your.domain}
Add cert and key to Apache2/Nginx/... site-file, HTTPS (port 443) section.
Cert files is located at certs
directory.
SSLCertificateFile /path_to_your_files/your.domain.crt
SSLCertificateKeyFile /path_to_your_files/your.domain.key
Or with nodejs/express
:
const key = fs.readFileSync(your.domain.key);
const cert = fs.readFileSync(your.domain.cert);
const ca = fs.readFileSync(rootCA.pem);
const credentials = { key, cert, ca };
const app = express();
const server = https.createServer(credentials, app);
server.listen(port, host, function() {
console.log(`Server on https://${host}:${port}`);
});
Add cert to the browser
Chromium -> Setting -> (Advanced) Manage Certificates -> Import -> 'rootCA/rootCA.pem'