In this guide, we have seen it is possible to have localhost served up with SSL. Then rerun the request as shown below this time, we will have a secure 200 OK message. In the Postman settings, make sure that CA certificates are turned on and select the CA.pem file. To solve this issue, we can add our CA to Postman. The warning in details will look like this below: However, the problem is we still have red security warning because our SSL certificate is off. We have been able to get a 200 OK message, which is good at this stage. Then we resend the request in Postman, and the results will be: In Postman settings, make sure that SSL certificate verification is turned off. The process of configuring the API Client is the same as the browser, and the difference is one has to disable certificate validation. Step 6: Configuring and testing the API Client The browser is now ok, and they trust our CA and the certificate. Next, we will test it in Firefox as demonstrated below: Then click on import and choose the CA.pem and check the checkbox to trust the CA that has been just imported, and then click Ok. In Firefox, open Options, and navigate to Privacy and Security and click on View Certificates as shown below: Step 5: Importing CA Certificate to the browserįor the browser to trust the CA certificate we created, there is a need to import the certificate. To deal with this, we first test our link with Postman as below:Īs can be seen above, the SSL certificate cannot be verified. Even after serving up our localhost with SSL and inspecting the signed certificate, Firefox would not trust the CA that signed this certificate, which is correct we cannot be trusted as a CA. Now that our server is serving up our SSL, we can try our link in our Firefox browser as shown below: In our case, we will sign the certificate just like the way CA does.įirst step will be to generate a root CA certificate using below commands:Ī success message: Server is Listening on will be displayed on the console. However, there is no CA issues certificate for localhost, simply because no one owns localhost. They are trusted issuers of the internet and do their due diligence on whether the site does what it is supposed to do before issuing any certificate. SSL certificates are usually signed by third-party companies known as Certificate Authority (CA).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |