Chrome 58 does not trust local SSL certificates

[philipnewcomer]

Subject Alternate Name is now a required field for Chrome to trust a certificate, and is not currently included in the SSL certificates generated by PH. This results in local sites using SSL not being accessible in Chrome 58.

Details:

• https://www.reddit.com/r/sysadmin/comments/66clon/chrome_58_displays_an_untrusted_warning_for_certs/
• Self signed certificate no longer valid as of Chrome 58 webpack/webpack-dev-server#854
• https://deliciousbrains.com/https-locally-without-browser-privacy-errors/

[philipnewcomer]

Running the following command will make Chrome 58 recognize these local certificates, but this workaround will likely not be supported forever:
defaults write com.google.Chrome EnableCommonNameFallbackForLocalAnchors -bool true

[philipnewcomer]

Pilothouse now generates certs that Chrome 58 likes.

[philipnewcomer]

Also you can now run the generate-ssl command as many times as you like and it will no longer add duplicate SSL config lines to the site's nginx config.