Root certificate for LAN?
I'm working on PWA development and the HTTPS requirement of them has been an issue throughout development this far, because I need to test on my phone over my WiFi. Usually
localhostand equivalents are allowed for testing, but the thing is that once its left my device, that's not the case. So, as a result, the service worker will be deleted once the temporary cache is thrown away by the browser.
Sorry if that was a little long winded, TLDR:I need HTTPS to test my webapp on my phone over LAN, but cant due to PWA standards.
Anyways, the main issue is that the default Laragon certificate is only set up using
localhost, ect, not your computers IP on your network. Although that's perfectly reasonable, because 1, I'm an edge-case, and 2, theres no way to really modify the
auto.openssl.cnffile to incorporate that during install or whatever.
So that leads to my question I suppose. To get my PWA to properly install on my phone for testing I need to make a Root Certificate, and said root certificate needs to have
192.168.1.175as the domain I guess. I tried doing this myself, with varying levels of success. I set up a CA on my computer following this guide, and set up a conf file with the following for DNS:
[alt_names] DNS.1 = localhost DNS.2 = 192.168.1.175
Doing this made a key and all, but when I tried to manually replace the config in Laragons files, (in etc/apache-2/sites-enabled/00-default.conf replacing the key file with mine), but couldn't get Laragon to accept it, and it just kept throwing errors, even after I put the SSL keys back to the defaults, so I just uninstalled/reinstalled.
If anyone knows how to do (or how to properly do) this, I'd appreciate any help!
PS I love Laragon, its probably the best web server I've ever worked with. Massive thanks to the developers for making it happen!
@K4rakara : Please don't change the
auto.openssl.cnfbecause it is auto-generated. Just update this template file:
Laragon will take care of the rest.
@leokhoa Hey, thanks, didn't realize that I shouldn't modify that file. Modifying that worked, but only for https://localhost. Heres the rather odd error screen i get at https://192.168.1.175 :
In the list it says 192.168.175 is valid, but it won't work. I tried adding *.192.168.1.175, but got the same result.
Now if I only needed HTTPS for localhost this would be fine, but the service worker will delete itself on my mobile device unless the certificate is valid.
Same issue occurred on my mobile when i tried to open the page with the root certificate installed.
Here's the setup I used:
[req] default_bits = 2048 distinguished_name = req_distinguished_name req_extensions = v3_req prompt = no [req_distinguished_name] C = US ST = New York L = Albany O = AcidByte Digital OU = R&D CN = AcidByte Digital [v3_req] keyUsage = keyEncipherment, dataEncipherment extendedKeyUsage = serverAuth subjectAltName = @alt_names [alt_names] DNS.1 = localhost DNS.2 = 192.168.1.175 DNS.3 = *.192.168.1.175
Not sure what i did wrong?