This article was originally posted on my personal blog.
Creating a self-signed certificate is quite simple. However, Google Chrome flags most of them as insecure and doesn't even give you the "proceed" button/link.
In order to make it work, you need to add
-addext "extendedKeyUsage = serverAuth" in the
openssl command. Here is a complete example
openssl req \ -x509 \ -nodes \ -days 365 \ -newkey rsa:2048 \ -keyout server.key \ -out server.crt \ -addext "extendedKeyUsage = serverAuth"
This command will give you two files:
If you want to run the same command in a non-interactive mode you just add