### Documentation:
https://betterprogramming.pub/trusted-self-signed-certificate-and-local-domains-for-testing-7c6e6e3f9548
### Enable on FireFox
https://blog.jeroenhd.nl/article/firefox-for-android-using-a-custom-certificate-authority
##########
FOLDER STRUCTURE
OS Linux (Docker):
/srv/sewa/cert001
All the same on HDD is in folder:
C:\_A001\REPOS\OWN\server001\server\srv\sewa\cert001
##########
### ACTIONS:
### on Linux
### Generate root ssl certificate.
cd /srv/sewa/cert001openssl genrsa -des3 -out rootCA.key 2048openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1460 -out rootCA.pem
### Add root certificate on windows
cd C:\_A001\REPOS\OWN\server001\server\srv\sewa\cert001certutil -addstore -f "ROOT" rootCA.pem### ~outputs
ROOT "Trusted Root Certification Authorities"
Signature matches Public Key
Certificate "Sewa" added to store.
CertUtil: -addstore command completed successfully.### Add root certificate on Manjaro Linux
sudo trust anchor /home/qqq/---mpoint---/REPOS/OWN/server001/server/srv/sewa/cert001/rootCA.pemsudo update-ca-trust##########
# Generate an SSL SAN Certificate With the Root Certificate
# FILE:
server.csr.cnf
[req]
default_bits = 2048
prompt = no
default_md = sha256
distinguished_name = dn
[dn]
C=KZ
ST=ZKO
L=Borg
O=BorgTechService
OU=Unimatrix
emailAddress=vsevolod.azovsky@gmail.com
CN = borg.home
# FILE:
v3.ext
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = zero.home
DNS.2 = sss.zero.home
DNS.3 = vov.zero.home
DNS.4 = m45a.zero.home
DNS.5 = borg.home
DNS.6 = router.home
DNS.7 = cameras.home
DNS.8 = printer.home
DNS.9 = chat.home
DNS.10 = a.home
DNS.11 = b.home
DNS.12 = c.home
DNS.13 = d.home
DNS.14 = e.home
DNS.15 = f.home##########
openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config server.csr.cnfopenssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 500 -sha256 -extfile v3.ext
#ТСОКРМ #ЗапискиБывалых #CLI #SSL