Use mkcert to making locally-trusted host development certificates that avoids browser self-certification dialog warning and requires little or no configuration
Install mkcert:
sudo apt update sudo apt install libnss3-tools curl -JLO "https://dl.filippo.io/mkcert/latest?for=linux/amd64" chmod +x mkcert-v*-linux-amd64 sudo mv mkcert-v*-linux-amd64 /usr/local/bin/mkcert
Install the local CA:
mkcert -install
Generates and installs CA cert/key pair (rootCA-key.pem,rootCA.pem) in system trust store – $CAROOT (defaults to ~/.local/share/mkcert)
Installs local CA in the Firefox and/or Chrome/Chromium trust store (requires browser restart)
Generate certificate and key file for locally hosted website:
mkcert example.org localhost 127.0.0.1 ::1
Creates two files: example.org+3.pem (certificate) and example.org+3-key.pem (private key).