Generating SSL Certificate on macOS
Even when you develop your website locally, sometimes you still need to access it through an HTTPS connection. These are 4 simple steps to generate an SSL certificate on your macOS. In this example, I’m using my Nginx installation directory to store the generated files: /usr/local/etc/nginx.
1. Generate The Private Key
Step one it to generate an RSA private key:
$ openssl genrsa -out /usr/local/etc/nginx/ssl/test.dev/private.key 2048
2. Generate Certificate Request
Step two is to generate a new certificate request:
openssl req -new -subj "/C=/ST=/O=/localityName=/commonName=test.dev/organizationalUnitName=/emailAddress=/" -key /usr/local/etc/nginx/ssl/test.dev/private.key -out /usr/local/etc/nginx/ssl/test.dev/certsignreq.csr -passin pass:
3. Generate The Certificate
Step three is to actually generate the certificate:
openssl x509 -req -days 365 -in /usr/local/etc/nginx/ssl/test.dev/certsignreq.csr -signkey /usr/local/etc/nginx/ssl/test.dev/private.key -out /usr/local/etc/nginx/ssl/test.dev/certificate.crt
4. Trust The Certificate
Finally, add the generated certificate to the System Keychain:
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /usr/local/etc/nginx/ssl/test.dev/certificate.crt