Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

SSL Certificate for Localhost: A Quick Guide to Generate And Install

ssl certificate for localhost
It is important to use HTTPS for all websites and applications that are web-based. While some certificate authorities do not issue SSL certificates for localhosts, it is still possible to get an SSL certificate for localhost. Read on to know how to get an SSL certificate for localhost.

How to Get an SSL Certificate for Localhost?

Though it is a wise decision to get an SSL certificate for localhost, before we get started, you will need to understand that certificate authorities do not issue SSL certificates for localhosts. This does not mean they never issued SSL certificates for localhosts, but it is that they stopped issuing SSL certificates for localhost in 2015. CAs did not want to issue SSL certificates for localhost as local hosts do not have their roots in top-level domains like .org or .com and local hosts are not owned by anyone uniquely.

However, SSL certificates still work for localhosts. But the process of getting an SSL certificate for your localhost is not going to be the same as getting an SSL certificate for your website.

You will just generate an SSL certificate yourself for your localhost.

Generate an SSL Certificate for Localhost

To secure your localhost with an SSL certificate, you need to go for a “self-signed SSL certificate.” A self-signed SSL certificate is nothing but an SSL certificate that you will generate for yourself without purchasing it from a certificate authority. This SSL certificate will encrypt your data. But this does not mean you will not see the “Not Secure” warning and despite having an SSL for your localhost, you will still see the warning in the browser. But the good news is that you need not worry about it, as this SSL certificate you generate for your local host will encrypt your data.

Remember, it is possible to secure your local host with an SSL certificate you generate without the help of a CA. However, though you can generate an SSL certificate for local development, this certificate will not be trusted by anyone else.

The best and quickest way to generate a self-signed certificate is by using the openssl command. Using the openssl command, this is how you can generate a self-signed SSL certificate for your localhost, along with a private key.


openssl req -x509 -out localhost.crt -keyout localhost.key \
-newkey rsa:2048 -nodes -sha256 \
-subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
After you generate a self-signed certificate with the above openssl command, you can use localhost.crt and localhost.key to configure your local webserver. Now it is done and you have just created and installed an SSL certificate on your localhost.
Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More