Install my own SSL certificates

ddenev · November 6, 2017, 10:42am

Hello,

I am issuing my own self-signed certificates with my own CA. This allows me to import only one CA certificate in the cert store (Windows) instead of multiple certificates for every local site (as is currently with Local).

How can I instruct Apache to use my own certificate and key? It seems that SSLCertificateFile and SSLCertificateKeyFile in “conf\apache\sites-enabled\default-ssl.conf” both point to non-existing files (checked via SSH):

SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

There are no such files in /etc/ssl/certs and /etc/ssl/private.

But when I access my site via HTTPS I get a certificate for the domain. Where is this certificate stored and how can I replace it with my own?

Thank you in advance!

Best regards,
Drago

clay · November 6, 2017, 3:51pm

Hi Drago,

You can swap out the certificates in %AppData%\Local by Flywheel\routes\certs

wzcblair · January 5, 2020, 7:17pm

Hi, has the location of the certs changed on Windows? I don’t have the directory %AppData%\Local By Flywheel\ (on version 5).

JackB · January 16, 2020, 12:21pm

As in your video, there should be a “Trust button”. Which isn’t there.

Where are these certificates located for Linux (Ubuntu/Debian) users?

I used the command locate Local and found that it was located in /opt/Local/.

However, there is no *.crt files in it, nor in any of the /Local-sites/<sitenames> either.

clay · January 16, 2020, 3:44pm

@JackB,

The Trust button isn’t available on Linux prior to Local 5.1 (currently in beta) due to the trust process being quite a bit more complicated.

Local >5.0 certificates can be found here on Linux: ~/.config/Local/run/router/nginx/certs

JackB · January 16, 2020, 6:16pm

@clay Awesome! Thank you for the information & the quick response!

Edit: It says certificate empty while importing?

clay · January 16, 2020, 6:36pm

Can you screenshot or copy and paste what you’re seeing?

JackB · January 16, 2020, 6:52pm

Error while importing certificate
This client certificate’s private key is missing or empty

However when i echo it in my terminal it’s indeed a key there, hmmm. Might be a 3rd party problem (Chrome)?

The key doesn’t look corrupt

clay · January 16, 2020, 6:58pm

Interesting! I haven’t tried importing a key in Chrome like that before. If the key and cert aren’t corrupted I’m not sure what would be causing that.

If you figure it out, please share! You have me curious now

JackB · January 16, 2020, 7:07pm

Oopsie, yeah apparently in the Chrome Settings Page for certificates there is a tab for Authorities, I just tried on the tab I landed on.

Topic		Replies	Views
Custom Certs on Ubuntu Support ssl-certificates	2	344	January 2, 2021
Mac - 6.41/Monterey 12.6 Fix: SSL certificate problem: unable to get local issuer certificate Support mac , ssl-certificates , ssl , mac-monterey	3	2980	September 26, 2022
Use a local Local (pun intended) CA to avoid the trust problem on macOS Feature requests mac , ssl-certificates	7	747	March 5, 2023
Where is Certificate Authority .pem file located Support	2	398	January 12, 2021
Troubleshooting SSL ERR_CERT_INVALID on Local v6.4.1 Support mac , ssl-certificates , ssl	1	852	September 12, 2022

Install my own SSL certificates

Related Topics