Return to Question

Bumped by Community user

occurred Jun 17, 2018 at 3:23

Bumped by Community user

occurred May 17, 2018 at 20:51

Bumped by Community user

occurred Apr 16, 2018 at 1:52

Bumped by Community user

occurred Mar 16, 2018 at 23:10

Tweeted twitter.com/ServerFault/status/938807618230988800

occurred Dec 7, 2017 at 16:29

added 110 characters in body

Source Link

edited Oct 25, 2016 at 10:41

thomasfedb

I've attempted to set up a wildcard *.localhost for HTTP and HTTPS with Nginx proxying requests to localhost:3000. DNSmasq is used for resolving *.localhost to 127.0.0.1.

Everything works fine for HTTP, but HTTPS connections receive the following error in Google Chrome:

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).

The certificate is a self-signed certificate that I've added to Chrome via settings, and was generated with the following command:

openssl req -x509 -sha256 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -days 3650 -nodes

The Subject is as follows:

Subject: C=AU, ST=Western Australia, L=Perth, O=Zephon, CN=*.localhost

My Nginx config is as follows:

server { listen 80; listen 443 ssl; server_name localhost; ssl_certificate /etc/nginx/ssl/localhost.crt; ssl_certificate_key /etc/nginx/ssl/localhost.key; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Client-Verify SUCCESS; proxy_set_header X-Client-DN $ssl_client_s_dn; proxy_set_header X-SSL-Subject $ssl_client_s_dn; proxy_set_header X-SSL-Issuer $ssl_client_i_dn; proxy_read_timeout 1800; proxy_connect_timeout 1800; } }

I've attempted to set up a wildcard *.localhost for HTTP and HTTPS with Nginx proxying requests to localhost:3000. DNSmasq is used for resolving *.localhost to 127.0.0.1.

Everything works fine for HTTP, but HTTPS connections receive the following error in Google Chrome:

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).

The certificate is a self-signed certificate that I've added to Chrome via settings, and was generated with the following command:

openssl req -x509 -sha256 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -days 3650 -nodes

My Nginx config is as follows:

server { listen 80; listen 443 ssl; server_name localhost; ssl_certificate /etc/nginx/ssl/localhost.crt; ssl_certificate_key /etc/nginx/ssl/localhost.key; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Client-Verify SUCCESS; proxy_set_header X-Client-DN $ssl_client_s_dn; proxy_set_header X-SSL-Subject $ssl_client_s_dn; proxy_set_header X-SSL-Issuer $ssl_client_i_dn; proxy_read_timeout 1800; proxy_connect_timeout 1800; } }

I've attempted to set up a wildcard *.localhost for HTTP and HTTPS with Nginx proxying requests to localhost:3000. DNSmasq is used for resolving *.localhost to 127.0.0.1.

Everything works fine for HTTP, but HTTPS connections receive the following error in Google Chrome:

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).

The certificate is a self-signed certificate that I've added to Chrome via settings, and was generated with the following command:

openssl req -x509 -sha256 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -days 3650 -nodes

The Subject is as follows:

Subject: C=AU, ST=Western Australia, L=Perth, O=Zephon, CN=*.localhost

My Nginx config is as follows:

server { listen 80; listen 443 ssl; server_name localhost; ssl_certificate /etc/nginx/ssl/localhost.crt; ssl_certificate_key /etc/nginx/ssl/localhost.key; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Client-Verify SUCCESS; proxy_set_header X-Client-DN $ssl_client_s_dn; proxy_set_header X-SSL-Subject $ssl_client_s_dn; proxy_set_header X-SSL-Issuer $ssl_client_i_dn; proxy_read_timeout 1800; proxy_connect_timeout 1800; } }

Source Link

asked Oct 25, 2016 at 8:32

thomasfedb

Wildcard *.localhost SSL with Nginx and Chrome

I've attempted to set up a wildcard *.localhost for HTTP and HTTPS with Nginx proxying requests to localhost:3000. DNSmasq is used for resolving *.localhost to 127.0.0.1.

Everything works fine for HTTP, but HTTPS connections receive the following error in Google Chrome:

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).

The certificate is a self-signed certificate that I've added to Chrome via settings, and was generated with the following command:

openssl req -x509 -sha256 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -days 3650 -nodes

My Nginx config is as follows:

server { listen 80; listen 443 ssl; server_name localhost; ssl_certificate /etc/nginx/ssl/localhost.crt; ssl_certificate_key /etc/nginx/ssl/localhost.key; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Client-Verify SUCCESS; proxy_set_header X-Client-DN $ssl_client_s_dn; proxy_set_header X-SSL-Subject $ssl_client_s_dn; proxy_set_header X-SSL-Issuer $ssl_client_i_dn; proxy_read_timeout 1800; proxy_connect_timeout 1800; } }