Do not run this in production

• Generate root CA private key ( rootCA.key )

openssl genrsa -des3 -out rootCA.key 2048

• Generate root CA certificate ( rootCA.pem )

openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem

• Trust generated root CA cert
  • Add rootCA.pem to keychain via File-> Import
  • Double click on the added pem and change 'Trust' settings to 'Always Trust'

• Create server.csr.cnf file ( For domain private key creation ) See cert/server.csr.cnf

• Create v3.ext file ( For domain certificate creation. Based on x509 ) See cert/v3.ext

• Generate Domain private key ( server.key )

openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config <( cat server.csr.cnf )

• Generate Domain certificate ( server.crt )

openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 500 -sha256 -extfile v3.ext

See index.js