Sometimes I need a TLS1 certificate, for some local HTTPS or other services/protocols with some level of security to play nicely.
Make sure you have
openssl installed on your computer. Then run:
openssl req -nodes -new -x509 \
-keyout server.key -out server.crt \
- replace values for the parameters (
CN) to your needs
- a self-signed certificate is usually not considered secure by browsers; you might need to add them manually to the necessary certificate stores
- use mkcert.dev if you need something slightly more sophisticated
Similar name, but different use case: mkcert.org — to get a PEM file of certificates you want to trust. For example if you want to build/use apps with custom certificate trust store.
Yep, I will only talk about TLS, we should really forget about SSL, because despite marketing those protocol versions shall never be used again.