local SSL certificates

Even though this was a Sunday, I spent much way more time on my laptop than I intended to. Bringing a client project back up on my new environment, figuring out how this works on Windows, trying to decide whether things are better be done inside WSL2 or on Windows, etc. I’m not convinced whether I really learned that much.

I have created self-signed certificates and Certificate Authorities on macOS, Linux and now Windows 10 within the past 2 years and even though it’s somewhat the same process, the overall thing seems so tedious:

  1. create the CA key
  2. create the CA certificate
  3. trust the CA certificate
  4. create the domain key
  5. create the domain certificate signing request
  6. create the domain certificate

And then go back and fix whatever assumptions the tutorial you used made and pull your hair out trying to fix them. One of them—and it’s not new to me but still makes me mad—is the chromium error code NET::ERR_CERT_COMMON_NAME_INVALID, when browsers haven’t been using the Common Name in years. To make a long story short: This is one aspect of my work I want a “two-click”-solution to. I want to create a CA and trust it, and then I want to create SSL certificates and trust those, cross-platform without having to deep-dive into CA-stores and whatnot.