How to create a certificate for free and display it on the browser via HTTPS

DevEnv
スポンサーリンク
スポンサーリンク

At first

Sometimes you need an SSL certificate for testing when you are developing a web application or building a cloud environment.

At such times, it may be time consuming or costly to ask the certificate authority to issue it, so you may make a self-certificate to prove yourself and confirm it.

However, recently, the security of browsers and operating systems has become stricter, so if you do not set it as a self-certificate, it may not be displayed in the browser.

This page explains how to create a self-certificate and how to display a self-certificate site in your browser.

Self-certificate sites are less secure and should only be used in limited scenes, such as temporary testing during development.

How to create a self-signed certificate

Self-signed certificates can be easily created with the following command:

Https communication can be performed by setting the completed private key file and certificate file to a web server, etc.

openssl genrsa -out "ca_key.pem" 2048
openssl req -new -key "ca_key.pem" -out "ca_cert.csr"
openssl x509 -req -days 825 -in "ca_cert.csr" -signkey "ca_key.pem" -out "ca_cert.pem"

The following files are created when you run the command:

ca_key.pemPrivate key file
ca_cert.csrCSR file
CSR is a file that is used to make a certificate signing request and contains a public key that is contrasted with a private key with a distingued name, such as the name or location of the organization.
ca_cert.pem
Certificate file where the CSR file is signed with the private key file
Actually, it is necessary to sign with the private key of the certificate authority, but this time it is a self-signed certificate because it is signed with the private key created by myself.

If openssl is not installed

Windows

Download and install from the following site.

Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions

Ubuntu

Run and install the following command:

sudo apt-get install openssl

Mac version browser

Safari

When you view the self-certificate site in Safari, the screen below will be displayed, so click “Show Details”.

Click “vist this website”.

After clicking “Visit Website” and authenticating the password of the OS, the site will be displayed.

Chrome

To view the self-certificate site in Chrome, follow the steps above in Safari so that you can view it in Safari, and then follow these steps:

If safari allows you to view self-certificate sites, self-certificates are added to Keychain Access.

When you access the self-authentication site with Chrome, the screen below will be displayed, so click “Settings” from “Ccustomaize and control Google Chrome” on the upper right.

Click “Security” in “Privacy and security”.

Click “Manage certificates”.

A self-certificate has been added to the Keychain Access, so click it.

Click “Trust” to view it, change “When using this certificate” to “Always Trust”, and close the screen to authenticate the OS password.

If you view the site again in Chrome and click the “Proceed to xxxx (unsafe)” link from “Advanced”, the site will be displayed.

Windows version browser

Edge (Chromium version)

When you display the self-signed certificate site on Edge (Chromium version), the screen below will be displayed. Click “Advanced”.

Click “Continue to xxx.xxx.xxx.xxx(unsafe)” to see the site.

Chrome

When you display the self-signed certificate site on Chromw, the screen below will be displayed. Click “Advanced”.

Click “Proceed to xxx.xxx.xxx.xxx(unsafe)” to see the site.

Edge (before Chromium version)

When you display the self-signed certificate site on Edge (before Chromium version), the screen below will be displayed. Click “Details”.


Click “Go to the webpage(not recommended)” to see the site.

Comment

スポンサーリンク