renew_self_signed_cert
This script will renew the private key key.pem and the self-signed certificate cert.pem in the given directory ($PWD if not given).
The optional second positive integer parameter (range: [1, 24855]) specifies the number of days the certificate is valid for; the default is 30 days.
The optional third parameter is the common name (localhost if not given) of the certificate to be renewed.
On macOS, the certificate will be renewed in the "login" keychain also.
|
Chrome and Safari need no further configuration. For Firefox the old certificate has to be deleted manually, and the renewed one has to be added manually. Docker needs to be restarted. |
|
Certificates with more than 180 days validity will not be accepted by the Apple platform or Safari. |
|
Copy the script into your Node.js project and add it as a custom script to your package.json
|
Usage
$ scripts/cert/renew_self_signed_cert.sh$ scripts/cert/renew_self_signed_cert.sh dist/etc/nginx
$ scripts/cert/renew_self_signed_cert.sh . 30
$ openssl x509 -enddate -noout -in ~/.local/secrets/certs/https.internal/cert.pem
notAfter=Aug 8 11:18:36 2024 GMT
$ scripts/cert/renew_self_signed_cert.sh ~/.local/secrets/certs/https.internal 10 https.internal
Removing 'https.internal' certificate from keychain /Users/example/Library/Keychains/login.keychain-db ...
Adding 'https.internal' certificate (expires on: 2024-09-17) to keychain /Users/example/Library/Keychains/login.keychain-db ...
$ date -Idate
2024-08-07
$ openssl x509 -startdate -noout -in ~/.local/secrets/certs/https.internal/cert.pem
notBefore=Aug 7 16:53:53 2024 GMT
$ openssl x509 -enddate -noout -in ~/.local/secrets/certs/https.internal/cert.pem
notAfter=Aug 17 16:53:53 2024 GMT