SSL Certificate
Created on:
Wednesday, October 10, 2018

How to generate Self-Signed SSL Certificate locally for MacOS

This article will walk you through how to generate self-signed SSL certificate, locally, for MacOS.

Step 1: Make sure you have openssl installed.

Step 2: Add ssl folder /var/www/webconsol/ssl (this can be anyway, but we just like to have it outside of /etc/apache2 folder)

Step 3: Launch your Terminal command prompt, and type in:

  • Generate host keys:

    sudo openssl genrsa -out /var/www/webconsol/ssl/localhost.key 2048
    sudo openssl rsa -in /var/www/webconsol/ssl/localhost.key -out /var/www/webconsol/ssl/localhost.key.rsa
  • Create a configuration file using Terminal.app:

    sudo vim /var/www/webconsol/ssl/localhost.conf and add the following configuration

    [req]
    default_bits = 1024
    distinguished_name = req_distinguished_name
    req_extensions = v3_req

    [req_distinguished_name]

    [v3_req]
    basicConstraints = CA:FALSE
    keyUsage = nonRepudiation, digitalSignature, keyEncipherment
    subjectAltName = @alt_names

    [alt_names]
    DNS.1 = localhost
    DNS.2 = *.localhost
  • Generate the required Certificate Requests using Terminal.app:

    sudo openssl req -new -key /var/www/webconsol/ssl/localhost.key.rsa -subj "/C=/ST=/L=/O=/CN=localhost/" -out /var/www/webconsol/ssl/localhost.csr -config /var/www/webconsol/ssl/localhost.conf

    Note: Complete the values C= ST= L= O= CN= to reflect your own organizational structure, where:
    C= eq. Country: The two-letter ISO abbreviation for your country.
    ST= eq. State or Province: The state or province where your organization is legally located.
    L= eq. City or Locality: The city where your organization is legally located.
    O= eq. Organization: he exact legal name of your organization.
    CN= eq. Common Name: The fully qualified domain name for your web server
  • Use the Certificate Requests to sign the SSL Certificates using Terminal.app:

    sudo openssl x509 -req -extensions v3_req -days 365 -in /var/www/webconsol/ssl/localhost.csr -signkey /var/www/webconsol/ssl/localhost.key.rsa -out /var/www/webconsol/ssl/localhost.crt -extfile /var/www/webconsol/ssl/localhost.conf
  • Add the SSL Certificate to Keychain Access:

    sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /var/www/webconsol/ssl/localhost.crt

Recap: at the end, you should have the following file:

  • localhost.conf
  • localhost.crt
  • localhost.csr
  • localhost.key
  • localhost.key.rsa

NOTE:

localhost can be "localhost-aem-publish.webconsol.com" and make sure to have a virtual host configured for it, if it's NOT localhost.

back to blog
Previous Post
Next Post
Stop blending in with the rest of the crowd &
start leaving your mark on the web.
Your success is our success

Let's work together

Call (toll-free) +1.877.412.0888
or
Request a proposal
WEBCONSOL Logo

Serving enterprise clients with our expertise in AEM and other digital solutions.

Contact Us

Address: Montreal, Quebec, Canada

Email: 

Phone: 

Careers: We're Hiring

Subscribe to our Latest News

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form
© 2018 WEBCONSOL Inc. All rights reserverd
we look forward to working withy ou to solve your business problems

Let's Get in Touch

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form
Let's get you started

Request a Proposal

Thank you! We will get back to you shortly!
Oops! Something went wrong while submitting the form