How do I install a self-signed certificate to localhost?

Step 1

openssl genrsa -des3 -out myCA.key 2048
openssl req -x509 -new -nodes -key ca.key -sha256 -days 99999 -out ca.pem
NAME=localhost.com
openssl genrsa -out .key 2048
openssl req -new -key .key -out .csr
>$NAME.ext cat <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $NAME
DNS.2 = localhost
IP.1 = 127.0.0.1
EOF
openssl x509 -req -in .csr -CA ca.pem -CAkey ca.key -CAcreateserial -out .crt -days 99999 -sha256 -extfile $NAME.ext

stackoverflow.com/a/60516812

Step 2

chrome://settings/security

Scroll the page down to the «Manage certificates» section and open the popup using the arrow at right:

01

Step 3

Press the «Import» button:
01

Step 4

Press «Next»:
02

Step 5

Press «Browse»:
03

Step 6

Choose the ca.pem file and press «Next»:
04

Step 7

  1. Choose the «Place all certificates in the following store» radio button.
  2. Choose «Trusted Root Certification Authorities» in the «Certificate store» field
  3. Press «Next»:
    05

Step 8

Press «Finish»:
06

Step 9

Press «Yes»:
07

Step 10

Press «OK»:
08

Step 11

Use the .crt and .key files in your webserver settings, e.g.:

01

My new manual: How to build a certificates chain of trust in Windows using openssl?