Trusted Self-signed SSL Certificate and local domains for testing

#security #ssl #trustedslefsignedssl
When testing applications locally, we often need domains other than localhost, along with self-signed SSL certificates that the browser trusts.
Let us now see how to quickly set up local domains and a trusted self-signed certificate for testing on Windows; the same approach can be used on other systems with some additional steps.
Sometimes we need different domains to test an application in the development environment. Setting up DNS consumes more time and cost, whereas local domains let us test applications quickly in development environments.
Edit the Windows hosts file, C:\Windows\System32\drivers\etc\hosts, and add the below entries to map the test domains to 127.0.0.1, so that the defined domains reach the application running on localhost on the same machine.
Let us now create a self-signed certificate through OpenSSL.
Create an RSA-2048 key and save it to a file rootCA.key
openssl genrsa -des3 -out rootCA.key 2048
“Enter passphrase for rootCA.key” — enter a passphrase and store it securely.
Create a root certificate from the generated key
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1460 -out rootCA.pem
Change the validity days as needed
“Enter passphrase for rootCA.key” — enter the passphrase used while generating the root key
Enter the other optional information
Country Name (2 letter code) [AU]: US
State or Province Name (full name) [Some-State]: MN
Locality Name (eg, city) []:Eagan
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Tech Forum
Organizational Unit Name (eg, section) []:Marketing
Common Name (e.g. server FQDN or YOUR name) []: Local certificate
Now that the root certificate is ready, let us trust the root SSL certificate on the local system.
Run the below command from an elevated command prompt:
certutil -addstore -f "ROOT" rootCA.pem
The root certificate is now part of the “Trusted Root Certification Authorities” store.
The root certificate can also be managed through the browser. In Chrome, navigate to Settings → Privacy and Security → Security → Manage Certificates → Trusted Root Certification Authorities.
If you use Firefox for local testing, it will not consider the root certificates from the Windows certificate store (Chrome and Edge do use the Windows store), so the self-signed root certificate must be imported into Firefox separately.
Navigate to Options → Privacy and Security → Security → Certificates → View Certificates.
Here you can import, export and remove certificates. Import the rootCA certificate generated in the earlier steps and select “Trust this CA to identify websites”.
Create a private key and CSR (Certificate Signing Request) for the localhost certificate
Let us issue a certificate via the root SSL certificate and the CSR created earlier.
“Enter passphrase for rootCA.key:” enter the passphrase used while generating the root key
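The full procedure above, from root key to a signed leaf certificate, as an added example that is not the author's code, written for a POSIX shell (for example WSL on Windows). The domain names and the server.* file names are hypothetical, and it assumes the root key passphrase is supplied in an exported CA_PASS variable instead of being typed at the prompt.

```shell
#!/bin/sh
# Added example. app.example.test, api.example.test and the server.* file
# names are hypothetical; rootCA.key / rootCA.pem follow this page's naming.
# Export CA_PASS (the root key passphrase) before calling.

# issue_local_cert DIR NAME [NAME...]
issue_local_cert() {
    dir=$1; shift
    primary=$1
    [ -n "${CA_PASS:-}" ] && [ -n "$primary" ] || return 1
    mkdir -p "$dir" || return 1

    # Browsers match the subjectAltName list, not the Common Name.
    san=""
    for name in "$@"; do
        san="${san:+$san,}DNS:$name"
    done

    # Leaf extensions: not a CA, TLS server use only, names in the SAN.
    cat > "$dir/server.ext" <<EOF
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = $san
EOF

    # Root key and certificate, created once and reused for later leaves.
    if [ ! -f "$dir/rootCA.pem" ]; then
        openssl genrsa -aes256 -passout env:CA_PASS \
            -out "$dir/rootCA.key" 2048 2>/dev/null || return 1
        openssl req -x509 -new -key "$dir/rootCA.key" -passin env:CA_PASS \
            -sha256 -days 1460 -subj "/O=Tech Forum/CN=Local certificate" \
            -out "$dir/rootCA.pem" || return 1
    fi

    # Leaf key and CSR; the key is unencrypted so a dev server can load it.
    openssl req -new -newkey rsa:2048 -nodes -keyout "$dir/server.key" \
        -subj "/CN=$primary" -out "$dir/server.csr" 2>/dev/null || return 1

    # Sign the CSR with the root, applying the extensions above.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/rootCA.pem" \
        -CAkey "$dir/rootCA.key" -passin env:CA_PASS -CAcreateserial \
        -sha256 -days 365 -extfile "$dir/server.ext" \
        -out "$dir/server.crt" 2>/dev/null || return 1

    # Succeeds only if server.crt chains to rootCA.pem.
    openssl verify -CAfile "$dir/rootCA.pem" "$dir/server.crt" >/dev/null
}
```

Because the root is trusted machine-wide, anyone holding rootCA.key and its passphrase can issue certificates the browser accepts for any name, so keep the key off shared storage and remove the root from the trust store when testing ends.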