On this page
The ssl icon on the paper

Create a self-signed SSL certificate and update Keychain Access on MacOS

Easily create a self-signed SSL certificate and update Keychain Access on MacOS using the terminal.

Creating a self-signed SSL certificate and updating Keychain Access on MacOS might be tricky. However, with mkcert this process can be done easily.

How to create a self-signed certificate with the command line?

We’ll use a simple tool called mkcert to make locally trusted development certificates. Here are the steps:

  1. Install mkcert using brew:

    brew install mkcert
    brew install nss # if you use Firefox
  2. Generate a self-signed certificate for your local domain:

    mkcert --install localhost.example.com

    This should generate certificates: ./localhost.example.com-client-key.pem and ./localhost.example.com-client.pem

    john@MacBook ~ % mkcert --client --install localhost.example.com
    The local CA is already installed in the system trust store!
    The local CA is already installed in the Firefox trust store!
    
    Created a new certificate valid for the following names
     - "localhost.example.com"
    
    The certificate is at "./localhost.example.com-client.pem" and the key at "./localhost.example.com-client-key.pem"
    
    It will expire on 20 July 2025

That’s all.

Updating Nginx configuration

Those who use Nginx may want to update the configuration. Example:

server {
   listen *:443 ssl http2;
   root /var/www/example;
   server_name localhost.example.com;
   ssl_certificate /path/to/certificate/localhost.example.com-client.pem; 
   ssl_certificate_key /path/to/certificate/localhost.example.com-client-key.pem;
}

If Nginx were installed using brew don’t forget to restart Nginx:

brew services restart nginx

Related posts

Comments

Leave a Reply

Search in sitelint.com

Is your site slow?

Discover performance bottlenecks to provide a better customer experience and meet your company’s revenue targets.

Real-user monitoring for Accessibility, Performance, Security, SEO & Errors (SiteLint)