Creating a Self-signed SSL Certificate for local testing

Have you ever wondered why on some sites there's a green lock in the address bar of the browser that says "Secure"? That, my lovely readers, is just the browser's way of telling you that the connection to the server is using TLS/SSL with a certificate the browser trusts for that hostname. No, unfortunately, it does not mean that the website you are accessing is necessarily secure. My friend Diego has an interesting post on how you can fake this sort of certificate using a WiFi Pineapple and a classic man-in-the-middle attack. So you might wonder, if this does not mean that the site is secure, then what does it mean?



Although the scope of this post is more about how to create self-signed certificates on Mac with MAMP for local testing, rather than explaining what SSL certificates are, I do consider it quite important to understand what they are. I found this cool video that gives a nice, graphic and simple explanation of what SSL certificates are:



As you might have understood from the video, TLS/SSL certificates are an essential part of web security basics: the certificate lets the browser authenticate the server it is talking to, and the TLS session built on top of it protects the confidentiality and integrity of the traffic.

This post came about because I found myself in an interesting situation at work. We were struggling with some issues related to connecting to our website through HTTPS, but testing on staging (not production) was not only a bad idea, it was also less efficient. Thus, I decided to test HTTPS on my own local server, in this case MAMP, to be more efficient. Given that I did not have any clue how to create this sort of certificate, I started digging through tutorials and found this excellent post on how to create, configure and install a self-signed certificate for local testing. It was not complicated at all, and I'll explain a bit what happens when you create this certificate.

Creating a Self-signed SSL Certificate

The steps are quite simple to understand; all you need as a basis is to know how public key cryptography works. In case you need it, the Computerphile guys have an awesome video explaining that. Now that everyone has the context, the steps are quite simple:

  1. Generate a private key with openssl. The public key is derived from it, so this file is the only secret in the whole setup.
  2. Create a certificate signing request (CSR) that carries that public key together with the subject, i.e. the hostname you will test against (for example localhost).
  3. Sign the CSR with the same private key to obtain an X.509 certificate (the format every TLS certificate uses). Because issuer and subject are the same entity, the certificate is "self-signed": no Certificate Authority (CA) is vouching for it.
  4. Configure the web server (in MAMP, Apache) to use the certificate and the private key, and tell your browser or operating system to trust the certificate, since it is not signed by any CA they already know.
And that's it!
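The four steps above, carried out with the openssl command line, as an added example (this script is mine, not the original post's nor the tutorial it links to). It assumes the openssl CLI (1.1.1 or 3.x) is installed; the file names, the certs directory and the hostname localhost are my choices. The verification function at the end does what the browser will do once you trust the certificate: it validates the certificate with itself as the only trust anchor, matches it against the hostname, and confirms the certificate carries the public key derived from the private key.

```shell
#!/bin/sh
# Added example: create and check a self-signed X.509 certificate for local
# HTTPS testing. Assumes the openssl CLI is available; paths and the
# hostname "localhost" used below are assumptions, not from the original post.
set -eu

# make_selfsigned_cert OUTDIR HOSTNAME
# Writes OUTDIR/server.key (private key), OUTDIR/server.csr (signing request)
# and OUTDIR/server.crt (self-signed certificate, valid for 365 days).
make_selfsigned_cert() {
    outdir="$1"
    host="$2"
    mkdir -p "$outdir"

    # Step 1: private key (2048-bit RSA). The public key is derived from it,
    # so this is the only secret: keep it readable by you alone, never commit it.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$outdir/server.key" 2>/dev/null
    chmod 600 "$outdir/server.key"

    # Step 2: certificate signing request. The subjectAltName is what browsers
    # match the URL's hostname against (the CN alone is not enough for Chrome).
    cat > "$outdir/san.cnf" <<EOF
[req]
prompt = no
distinguished_name = dn
req_extensions = ext
[dn]
CN = $host
[ext]
subjectAltName = DNS:$host
EOF
    openssl req -new -key "$outdir/server.key" -config "$outdir/san.cnf" \
        -out "$outdir/server.csr" 2>/dev/null

    # Step 3: self-sign. -signkey makes issuer == subject: we vouch for
    # ourselves instead of a CA, which is why browsers warn until the
    # certificate is explicitly trusted. -extfile copies the SAN into the cert.
    openssl x509 -req -days 365 -in "$outdir/server.csr" \
        -signkey "$outdir/server.key" -extfile "$outdir/san.cnf" \
        -extensions ext -out "$outdir/server.crt" 2>/dev/null
}

# verify_selfsigned CERT KEY HOSTNAME
# Prints "ok" if CERT validates with itself as the only trust anchor, matches
# HOSTNAME, and contains the public key that belongs to KEY; returns 1 otherwise.
verify_selfsigned() {
    cert="$1"
    key="$2"
    host="$3"
    # Chain and hostname check, using the self-signed cert as the trust store.
    openssl verify -CAfile "$cert" -verify_hostname "$host" "$cert" \
        >/dev/null 2>&1 || return 1
    # The public key inside the certificate must be the one derived from KEY.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    crt_pub=$(openssl x509 -in "$cert" -pubkey -noout 2>/dev/null)
    [ "$key_pub" = "$crt_pub" ] || return 1
    echo ok
}

# Usage: `sh selfsigned.sh run` creates ./certs/server.{key,csr,crt} for
# localhost and verifies them.
if [ "${1:-}" = "run" ]; then
    make_selfsigned_cert ./certs localhost
    verify_selfsigned ./certs/server.crt ./certs/server.key localhost
fi
```

For step 4, point MAMP's Apache at the two files (in the `httpd-ssl.conf` that MAMP ships, set `SSLEngine on`, `SSLCertificateFile` to `server.crt` and `SSLCertificateKeyFile` to `server.key`, then restart the servers), and add `server.crt` to your login keychain as a trusted root so the browser stops warning. That trust decision is per machine and should stay on your development box: a self-signed certificate authenticates nobody but you, so never ship it, never reuse its key elsewhere, and keep the `.key` file out of version control.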



Why should I test locally with an SSL Certificate?

Sometimes we need to test stuff locally, and even though we cannot test everything in this sort of environment, we can at least try to do so and avoid unnecessary commits to the server for things that could have been tested earlier. In my case, in the end, it was really useful to have it: it helped us figure out that, in fact, the certificate itself was not the problem, and we eventually tracked the real cause down. Moreover, it's always fun and interesting to understand how these things work.

