Total Pageviews

Tuesday, 31 July 2018

让mac信任自签的证书

Here is a quick trick you can use to make sure your browsers accept self-generated SSL certificates on OS X.

This might be common knowledge in the web development community but today I am going to show you a quick trick to get your Mac to accept staging or development SSL certificates as if they were production certs.
Often we will have to work around the fact that SSL certificates in development don’t pass muster. We can get our local environment to load in an SSL certificate, but it won’t be valid.
Recently one of the team working on the football tipster site I run was explaining how they were having issues getting some service workers working properly because in development we use the domain name https://thefootytipster.dev and the SSL certificate is a self-signed thing that I made on my machine. Service workers rely on either being on localhost or on a trusted SSL connection.
I’ve been bitten before by updates to browsers suddenly deciding that the SSL certificate I was using in staging or development now isn’t good enough to allow me in.
Well, no more!

Getting OS X to trust self-signed SSL Certificates

Here is the guide for getting your browsers to accept self-generated SSL certificates on OS X. I am sure it is just as easy on other operating systems and hopefully this guide will give you a head start on what to search for.
  1. Locate where your certificate file is. It is likely to be somewhere near your web server configurations.
  2. Open up Keychain Access. You can get to it from Application/Utilities/Keychain Access.app.
  3. Drag your certificate into Keychain Access.
  4. Go into the Certificates section and locate the certificate you just added
  5. Double click on it, enter the trust section and under “When using this certificate” select “Always Trust”
Et viola, now when viewing your website locally your certificate will be trusted.

Video Guide to getting OS X to trust self-signed SSL Certificates

If you would prefer to follow along with a video, you can!

from https://tosbourn.com/getting-os-x-to-trust-self-signed-ssl-certificates/

No comments:

Post a Comment