OpenSSL创建自签名证书

openssl req -sha256 -newkey rsa:2048 -nodes -keyout agsenterprise.key -x509 -days 3650 -out agsenterprise.crt -config /usr/local/etc/openssl@1.1/openssl.cnf -extensions v3_req

Common Name填写你要访问的域名地址

修改openssl.cnf文件

  [ req ]
  req_extensions = v3_req # The extensions to add to a certificate request

  [ v3_req ]
  subjectAltName = @alt_names

  [ alt_names ]
  DNS.1 = chenfengami.com

nginx配置

  server {
    listen 80;
    listen 443 ssl;
    ssl_certificate test/agsenterprise.crt;
    ssl_certificate_key test/agsenterprise.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    server_name chenfengami.com;

    location / {
      proxy_pass http://127.0.0.1:3000/;
    }
  }   

将生成crt文件拖入并且添加信任

访问即可

参考: https://blog.csdn.net/zssai2015/article/details/85049905