堆栈内存溢出
  简体   繁体   English

SSL证书在本地主机上无效

[英]SSL Certificate Invalid on localhost

 原文  2018-07-28 07:29:58       ssl/ https/ localhost/ certificate/ mamp-pro

问题描述

I'm trying to secure my localhost website (which is on MAMP pro) on Chrome (V68), so far I've done the following things: 我正在尝试在Chrome(V68)上保护我的localhost网站(位于MAMP pro上),到目前为止,我已经做了以下事情:

  • Generated the certificate and certificate key files through MAMP 通过MAMP生成了证书和证书密钥文件
  • Added the certificate to the keychain access and set to always trust 将证书添加到钥匙串访问中,并设置为始终信任
  • Dragged the certificate from Chrome, double clicked and made sure it was set to always trust 从Chrome拖动证书,双击并确保将其设置为始终信任

Looking at the Chrome developer security tools it says the following: 查看Chrome开发者安全工具时,它显示以下内容: 在此处输入图片说明

1 个解决方案

解决方案1
 3  2018-08-06 13:14:23

Mamp hasn't been great about fixing this bug, they need to generate more information in the SSL Cert. Mamp在解决此错误方面并不是很出色,他们需要在SSL证书中生成更多信息。 To fix it, you'll need to create a conf file and run some terminal commands. 要修复它,您需要创建一个conf文件并运行一些终端命令。 this has been working for me 这一直在为我工作

FIRST: The conf file sample.local.conf replace sammple.local with your local site url 首先:conf文件sample.local.conf用您的本地站点URL替换sammple.local 

[ req ]
default_bits       = 4096
distinguished_name = req_distinguished_name
req_extensions     = req_ext

[ req_distinguished_name ]
countryName                 = Country Name (2 letter code)
countryName_default         = US
stateOrProvinceName         = State or Province Name (full name)
stateOrProvinceName_default = NEW YORK
localityName                = Locality Name (eg, city)
localityName_default        = NEW YORK
organizationName            = Organization Name (eg, company)
organizationName_default    = SAMPLE
commonName                  = Common Name (e.g. server FQDN or YOUR name)
commonName_max              = 64
commonName_default          = sample.local

[ req_ext ]
subjectAltName = @alt_names

[alt_names]
DNS.1   = sample.local

first make the .KEY 首先制作.KEY 

openssl genrsa -out sample.local.key 4096

make the .CSR 制作.CSR 

openssl req -new -sha256 \
   -out sample.local.csr \
   -key sample.local.key \
   -config sample.local.conf

then 然后 

openssl req -text -noout -in sample.local.csr

create the .CRT 创建.CRT 

openssl x509 -req \
    -days 3650 \
    -in sample.local.csr \
    -signkey sample.local.key \
    -out sample.local.crt \
    -extensions req_ext \
    -extfile sample.local.conf

Then, on a mac, instead of going through the keychain, you can run the following command in terminal 然后,在Mac上,您无需在钥匙串中进行操作,而可以在终端中运行以下命令 

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain sample.local.crt

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 React Native localhost SSL 证书无效 - React Native localhost SSL certificate is Invalid 本地主机上的SSL证书不起作用 - SSL certificate on localhost not working 在本地主机上获取SSL证书 - Get ssl certificate on localhost 忽略无效的SSL证书 - Ignoring invalid SSL certificate Appcelerator SSL证书无效 - Appcelerator SSL Certificate Invalid Apache中无效的SSL证书 - Invalid SSL certificate in Apache 自我SSL-无效的证书 - Self SSL - Invalid Certificate Spring 引导本地主机中的 SSL 证书 - SSL certificate in Spring Boot localhost 本地主机子域上的ssl证书不起作用 - ssl certificate on localhost subdomain not working 本地主机服务器的 SSL/TLS 证书 - SSL/TLS Certificate for localhost server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM