It’s always a hassle creating certificates and lot of technical jargons involved. This can be simplified, using mkcert. Install by following one of the steps mentioned in the docs.

Once installed just run:

$ mkcert -install
Created a new local CA at "/home/hummer/.local/share/mkcert" πŸ’₯
[sudo] password for hummer: 
The local CA is now installed in the system trust store! ⚑
The local CA is now installed in the Firefox and/or Chrome/Chromium trust store (requires browser restart)! 🦊

This has installed the local CA. Now all you need to do is create a new certificate.

$ mkcert localhost
Using the local CA at "/home/hummer/.local/share/mkcert" ✨

Created a new certificate valid for the following names πŸ“œ
 - ""
 - "localhost"

The certificate is at "./" and the key at "./" βœ…

Now is the time to test it, so to test it I am running a Python’s SimpleHTTPServer using following code(by default if you run python -m SimpleHTTPServer it runs on HTTP).

$ cat
import BaseHTTPServer, SimpleHTTPServer
import ssl

httpd = BaseHTTPServer.HTTPServer(('localhost', 4443), SimpleHTTPServer.SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./', keyfile='', server_side=True)

This code is taken from here with just modification to the certfile and keyfile file names.

Now just run this file as:

$ python2 - - [14/Aug/2018 11:02:29] "GET / HTTP/1.1" 200 - - - [14/Aug/2018 11:02:29] code 404, message File not found - - [14/Aug/2018 11:02:29] "GET /favicon.ico HTTP/1.1" 404 - - - [14/Aug/2018 11:03:55] "GET / HTTP/1.1" 200 - - - [14/Aug/2018 11:03:58] "GET / HTTP/1.1" 200 -

Now if you have browser running already restart it and goto https://localhost:4443/. And voila your local HTTPS server is running.

Similarly you can create more certificates with wildcard domain and use those certificates with your applications.

Huge πŸ‘ to the developer of mkcert.