l
i
s
t a
r
t
i
c
l
e
[me@blog]$ ll tips
-rxwrx-rx- 1 me me 5 Feb 24 22:30 ./
-rxwrx-rx- 1 me me 5 Feb 24 22:30 ../
-r-wr--r-- 1 me me 11 Feb 24 22:30 prefix your shell command
-r-wr--r-- 1 me me 31 Mar 6 18:32 exit with a error from vi
-r-wr--r-- 1 me me 51 Mar 7 23:38 google chrome omnibox custom shortcuts
-r-wr--r-- 1 me me 4 Mar 24 12:09 redirect stderr and stdout command to vi
-r-wr--r-- 1 me me 48 Mar 24 13:02 install a missing command using suggestions
-r-wr--r-- 1 me me 5 Apr 26 15:36 show special characters in vi
-r-wr--r-- 1 me me 12 Apr 30 17:38 google chrome clear dns cache
-r-wr--r-- 1 me me 44 May 5 21:18 translate directly in google chrome omnibox
-r-wr--r-- 1 me me 140 May 8 20:02 manage gnome keyring with gkpass script
-r-wr--r-- 1 me me 6 May 22 14:04 test internet bandwidth with wget
-r-wr--r-- 1 me me 101 Sep 7 09:17 pgbench postgresql on ubuntu from scratch
-r-wr--r-- 1 me me 41 Sep 10 11:31 network manager strongswan in ubuntu 16.04
-r-wr--r-- 1 me me 557 Dec 12 14:34 migrate percona master master 5.1 to 5.5 galera
-r-wr--r-- 1 me me 71 Mar 20 22:56 install docker on jessie armhf
-r-wr--r-- 1 me me 12 May 1 15:45 call docker api using curl on local socket
-r-wr--r-- 1 me me 85 May 2 23:10 install nomad with systemd
-r-wr--r-- 1 me me 96 Jun 7 19:22 create selfsigned certificate chrome compatibile
-r-wr--r-- 1 me me 24 Nov 2 18:45 enable unity editor dark mode linux
-r-wr--r-- 1 me me 29 Nov 5 10:04 disable lutris ssl check
-r-wr--r-- 1 me me 54 Dec 28 10:16 forge networking build from source nat hole punch
-r-wr--r-- 1 me me 62 Dec 28 12:39 forge networking create nat hole systemd unit
[me@blog]$ ll tips|llcat \
\
\
"create selfsigned certificate chrome compatibile"

modify SITE var and run

export SITE=yoursite.com
openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout server.key \
    -new \
    -out server.crt \
    -subj /CN=$SITE \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat /etc/ssl/openssl.cnf \
        <(printf "[SAN]\nsubjectAltName=DNS:$SITE\n") \
        <(printf "basicConstraints=CA:true")) \
    -sha256 \
    -days 3650

copy the certificate in your webserver or load balancer and import the server.crt locally so the browser can recognize it

certutil -d sql:$HOME/.pki/nssdb -A -n 'yoursite.com' -i server.crt -t TCP,TCP,TCP

for android (7.1.1) you can trust server.crt in Security & fingerprint > Credential storage > Install from storage

[me@blog]$ _
˅
comments