创建本地 LocalHost SSL 证书

$ mkcert -install

Created a new local CA at "/Users/filippo/Library/Application Support/mkcert" ?
The local CA is now installed in the system     trust store! ⚡️
The local CA is now installed in the Firefox    trust store (requires browser restart)! ?

$ mkcert example.com "*.example.com"    example.test localhost 127.0.0.1 ::1

Using the local CA at "/Users/filippo/Library/Application Support/mkcert" ✨

Created a new certificate valid for the     following names ?
 - "example.com"
 - "*.example.com"
 - "example.test"
 - "localhost"
 - "127.0.0.1"
 - "::1"

# 证书文件输出在当前目录下
The certificate is at "./example.com+5.pem"     and the key at "./example.com+5-key.pem" ✅

$ brew install mkcert
$ brew install nss # Firefox 浏览器支持

$ sudo apt install libnss3-tools

或者

$ sudo yum install nss-tools

或者

$ sudo pacman -S nss

或者

$ sudo zypper install mozilla-nss-tools

$ brew install mkcert

$ git clone https://github.com/FiloSottile/mkcert
$ cd mkcert
$ go build -ldflags "-X main.Version=$(git describe --tags)"

$ choco install mkcert

$ brew install nginx

ssl_certificate /usr/local/etc/nginx/ssl/example.com+5.pem;
ssl_certificate_key /usr/local/etc/nginx/ssl/example.com+5-key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES2

$ nginx -t && nginx -s reload