Is there anywhere that I can get a valid , signed, SSL cert to the "localhost" domain for testing? Does anyone anywhere offer a download of something like this that I can use in testing? I know how to use openssl to sign a key with a CA, but there are a lot of steps involved and I am hoping there is something quick and easy.
What I want is a canned test CA that I can import into my trusted CA stores and then a accompanying jks keystore that has the cert chain in it for that CA.
So, it would be a 3 step process, within a protected sandbox :
1. Get a new distro of Jetty, enable the SSL connector, point it to
the localhost.jks keystore
2. Import the CA that signed the localhost cert in the localhost.jks
into my web browser
3. Browse to Tomcat on the SSL port , look at the cert and see the
cert chain.
Best Answer
I have a really hard time believing that exists, since it's against the nature of SSL.
The CA's that are in your root-certificate list are companies who we've given our trust to. Their job is to verify that the ones who own the certificate are the ones they claim to be. Giving a
localhost-certificate to anyone like this, would break this concept. Even for testing.