Skip to content
/ local-ca Public

Instructions on how to setup a local CA for dev purposes

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gmagno/local-ca

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
dev-server.local.cfg
dev-server.local.cfg
 
 
dev-server.py
dev-server.py
 
 

Repository files navigation

How to setup a local Certificate Authority for development purposes

Steps to make a local certificate authority and generate certificates for dev servers. Inspired by this article.

  1. Generate the root private key
$ openssl genrsa -des3 -out rootCA.key 2048
  1. Generate the root certificate using the private key
$ openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1825 -out rootCA.pem
  1. Convert the root certificate from .pem to .crt
$ openssl x509 -outform der -in rootCA.pem -out rootCA.crt
  1. Add the root certificate to ubuntu local config directory
$ sudo cp rootCA.crt /usr/local/share/ca-certificates/
$ sudo update-ca-certificates
  1. Create CA-Signed certificates for my dev servers by creating a private key and a CSR (certificate request)
$ mkdir -p dev-server && cp dev-server.py dev-server && cd dev-server
$ openssl genrsa -out dev-server.local.key 2048
$ openssl req -new -key dev-server.local.key -out dev-server.local.csr
$ openssl x509 -req -in dev-server.local.csr -CA ../rootCA.pem -CAkey ../rootCA.key \
-CAcreateserial -out dev-server.local.crt -days 1825 -sha256 \
-extfile ../dev-server.local.cfg
$ openssl x509 -outform PEM -in dev-server.local.crt -out dev-server.local.pem  # convert .crt to .pem
  1. Copy the dev-server certificate and key to the server and run the test python script
$ cd .. && scp -r dev-server/ <user>@dev-server.local:~/

finally ssh into the dev-server.local and run the python script.

An https request on https://dev-server.local:4443 should open a secure connection with the server.

Do not forget to import the CA root certificate to the browser!

About

Instructions on how to setup a local CA for dev purposes

Topics

ssl https ssl-certificate certificate-authority

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages