I followed the instructions for enabling a self-signed SSL certificate in the Trellis config:
ssl:
enabled: true
provider: self-signed
hsts_max_age: 0
cache:
enabled: false
After provisioning, the certificate has been created. As expected, Chrome doesn’t trust it and throws a warning when I hit the new https URLs. I want to trust the new certificate, so I install and use the vagrant helper tool from @TangRufus. I run vagrant trellis-cert trust
and I get a success message. All seems well. I restart Chrome and hit my local https pages again.
Uh-oh, Chrome still says my certificate is invalid.
I crack open the Trellis-generated certificate for a closer look, and I notice something odd under the Subject Alternative Name bit. My local server is modernadventure.test
, with no subdomain. However, the Subject Alternative Name says
DNS modernadventure.testDNS:
This seems wrong. I am expecting it to look more like DNS modernadventure.test
and I’m wondering if it’s causing my issues with Chrome refusing to trust my certificate. Is it possible Trellis is generating the wrong value for the Subject Alternative Name? Or maybe I’ve misconfigured something somewhere else?