I followed the instructions for enabling a self-signed SSL certificate in the Trellis config:
ssl: enabled: true provider: self-signed hsts_max_age: 0 cache: enabled: false
After provisioning, the certificate has been created. As expected, Chrome doesn’t trust it and throws a warning when I hit the new https URLs. I want to trust the new certificate, so I install and use the vagrant helper tool from @TangRufus. I run
vagrant trellis-cert trust and I get a success message. All seems well. I restart Chrome and hit my local https pages again.
Uh-oh, Chrome still says my certificate is invalid.
I crack open the Trellis-generated certificate for a closer look, and I notice something odd under the Subject Alternative Name bit. My local server is
modernadventure.test, with no subdomain. However, the Subject Alternative Name says
This seems wrong. I am expecting it to look more like
DNS modernadventure.test and I’m wondering if it’s causing my issues with Chrome refusing to trust my certificate. Is it possible Trellis is generating the wrong value for the Subject Alternative Name? Or maybe I’ve misconfigured something somewhere else?