You need to create a personal Certificate Authority and install this CA into your system and browsers. Then you can create any number of self signed certificates for any domain you want.
-
Create your CA (write down the passphrase)
openssl genrsa -des3 -out myCA.key 2048 openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
-
Install your CA system-wide (this is for Arch linux)
sudo cp myCA.pem /etc/ca-certificates/trust-source/anchors/myCA.crt sudo trust extract-compat
If some browser doesn't pick up this certificate, you can also manually install the
myCA.pem
into the browser's keychain. Search the web for instructions on how to install custom CA certificates. -
Create server certs for your domains (see
makecert.sh
below). You can leave most details blank except for the domain name. The script will ask for the passphrase of your CA key, so have that ready. You need themyCA.key
andmyCA.pem
from step 1 in the same directory asmakecert.sh
../makecert.sh exampledomain.dev
-
Add
exampledomain.dev/example.dev.crt
andexampledomain.dev/example.dev.key
to your webserver (in Nginx those aressl_certificate
andssl_certificate_key
respectively).