카테고리 없음
localhost ssl
C/H
2024. 4. 13. 18:46
Localhost ssl
Linux
$ sudo apt install libnss3-tools
$ sudo yum install nss-tools
- Install binary package
$ curl -JLO "https://dl.filippo.io/mkcert/latest?for=linux/amd64" $ chmod +x mkcert-v*-linux-amd64 $ sudo mv mkcert-v*-linux-amd64 /usr/local/bin/mkcert
Mac
$ brew install mkcert
# Use Firefox Required
$ brew install nss
Windows
C:\> winget install mkcert
C:\> Scoop install mkcert
C:\> choco install mkcert
# 릴리즈 다운로드
https://github.com/FiloSottile/mkcert/releases
설치 확인
$ mkcert --version
Setup
Root CA 인증 생성 및 설치
$ mkcert -install
Created a new local CA 💥
Sudo password:
The local CA is now installed in the system trust store! ⚡️
설치 확인
$ mkcert -CAROOT
/Users/username/Library/Application Support/mkcert
지정 호스트 도메인 인증서 생성
$ mkcert "*.localhost" localhost 127.0.0.1 ::1
Created a new certificate valid for the following names 📜
- "*.localhost"
Warning: many browsers don't support second-level wildcards like "*.localhost" ⚠️
- "localhost"
- "127.0.0.1"
- "::1"
Reminder: X.509 wildcards only go one level deep, so this won't match a.b.localhost ℹ️
The certificate is at "./_wildcard.localhost+3.pem" and the key at "./_wildcard.localhost+3-key.pem" ✅
It will expire on 13 July 2026 🗓
생성 파일 확인
$ ls -al
total 72
-rw-------@ 1 username staff 1.7K 4 13 18:26 _wildcard.localhost+3-key.pem
-rw-r--r--@ 1 username staff 1.5K 4 13 18:26 _wildcard.localhost+3.pem
서버 적용
httpd-ssl.conf
<VirtualHost _default_:443>
DocumentRoot "/var/www/example"
ServerName example.dev:443
SSLEngine on
SSLCertificateFile "/usr/local/apache2/ssl/_wildcard.localhost+3.pem"
SSLCertificateKeyFile "/usr/local/apache2/ssl/_wildcard.localhost+3-key.pem"
...
</VirtualHost>
nginx.conf
http {
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name example.dev www.example.dev;
root /var/www/example;
ssl_certificate /usr/local/nginx/ssl/_wildcard.localhost+3.pem;
ssl_certificate_key /usr/local/nginx/ssl/_wildcard.localhost+3-key.pem
...
}
}
반응형