Local CA - HackMD

# Local CA {%hackmd @RintarouTW/About %} ## Install ```!bash brew install mkcert ``` **Installed CA path** ```!bash mkcert -CAROOT ~/Library/Application Support/mkcert ``` ## Make Server Certificate for localhost ```!bash mkcert localhost ``` ### express with server certificate ```!javascript import https from 'https' import express from 'express' const credentials = { cert: fs.readFileSync("/Users/allen/.localhost-ssl/localhost.pem"), key: fs.readFileSync("/Users/allen/.localhost-ssl/localhost-key.pem") } const app = express() const server = https.createServer(credentials, app) ``` ## Make Client Certificate ```!bash mkcert -client localhost ``` ### Let Node to know local CA certificate ```!bash export NODE_EXTRA_CA_CERTS=~/Library/Applcation Support/mkcert/rootCA.pem ``` **axios to use certificate** ```!javascript const httpsAgent = new https.Agent({ //rejectUnauthorized: false, // (NOTE: this will disable client verification) cert: fs.readFileSync("./localhost-client.pem"), key: fs.readFileSync("./localhost-client-key.pem"), passphrase: "YYY" }) axios.get('https://localhost/',httpsAgent).then(...) ``` ###### tags: `localhost` `CA` `https` `certificate` `axios` `express`