DEV Community

Andrei Canta
Andrei Canta

Posted on β€’ Originally published at deiucanta.com

Self-Signed Certificates that Work in Chrome

This article was originally posted on my personal blog.


Creating a self-signed certificate is quite simple. However, Google Chrome flags most of them as insecure and doesn't even give you the "proceed" button/link.

In order to make it work, you need to add -addext "extendedKeyUsage = serverAuth" in the openssl command. Here is a complete example

openssl req \
  -x509 \
  -nodes \
  -days 365 \
  -newkey rsa:2048 \
  -keyout server.key \
  -out server.crt \
  -addext "extendedKeyUsage = serverAuth"
Enter fullscreen mode Exit fullscreen mode

This command will give you two files: server.key and server.crt.

If you want to run the same command in a non-interactive mode you just add -subj "/C=US/ST=State/L=Locality/O=Organization/CN=www.example.com"

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

πŸ‘‹ Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay