I'm trying to secure my localhost website (which is on MAMP pro) on Chrome (V68), so far I've done the following things: Generated the certificate and certificate key files through MAMP Added the certificate to the keychain access and set to always trust Dragged the certificate from Chrome, double clicked and made sure it was set to always trust Looking at the Chrome developer security tools it says the following:

Reputation: 495

SSL Certificate Invalid on localhost

I'm trying to secure my localhost website (which is on MAMP pro) on Chrome (V68), so far I've done the following things:

Generated the certificate and certificate key files through MAMP
Added the certificate to the keychain access and set to always trust
Dragged the certificate from Chrome, double clicked and made sure it was set to always trust

Looking at the Chrome developer security tools it says the following:

Upvotes: 0

Answers (1)

adrock42

Reputation: 111

Mamp hasn't been great about fixing this bug, they need to generate more information in the SSL Cert. To fix it, you'll need to create a conf file and run some terminal commands. this has been working for me

FIRST: The conf file sample.local.conf replace sammple.local with your local site url

[ req ]
default_bits       = 4096
distinguished_name = req_distinguished_name
req_extensions     = req_ext

[ req_distinguished_name ]
countryName                 = Country Name (2 letter code)
countryName_default         = US
stateOrProvinceName         = State or Province Name (full name)
stateOrProvinceName_default = NEW YORK
localityName                = Locality Name (eg, city)
localityName_default        = NEW YORK
organizationName            = Organization Name (eg, company)
organizationName_default    = SAMPLE
commonName                  = Common Name (e.g. server FQDN or YOUR name)
commonName_max              = 64
commonName_default          = sample.local

[ req_ext ]
subjectAltName = @alt_names

[alt_names]
DNS.1   = sample.local

first make the .KEY

openssl genrsa -out sample.local.key 4096

make the .CSR

openssl req -new -sha256 \
   -out sample.local.csr \
   -key sample.local.key \
   -config sample.local.conf

then

openssl req -text -noout -in sample.local.csr

create the .CRT

openssl x509 -req \
    -days 3650 \
    -in sample.local.csr \
    -signkey sample.local.key \
    -out sample.local.crt \
    -extensions req_ext \
    -extfile sample.local.conf

Then, on a mac, instead of going through the keychain, you can run the following command in terminal

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain sample.local.crt

Upvotes: 3

SSL Certificate Invalid on localhost

Answers (1)

Related Questions