cd /path/to/monero_cli- Generate certificates for daemon RPC (set password, use defaults except common name "localhost"):
openssl req -x509 -newkey rsa:4096 -keyout daemon-rpc-key.pem -out daemon-rpc-cert.pem -days 365 - Generate certificates for wallet RPC (set password, use defaults except common name "localhost"):
openssl req -x509 -newkey rsa:4096 -keyout wallet-rpc-key.pem -out wallet-rpc-cert.pem -days 365 - Start daemon RPC with SSL and enter password, e.g.:
./monerod --stagenet --rpc-login superuser:abctesting123 --rpc-access-control-origins https://localhost:9100 --rpc-ssl enabled --rpc-ssl-private-key daemon-rpc-key.pem --rpc-ssl-certificate daemon-rpc-cert.pem - Start wallet RPC with SSL and enter password, e.g.:
./monero-wallet-rpc --daemon-address https://localhost:38081 --daemon-login superuser:abctesting123 --stagenet --rpc-bind-port 38083 --rpc-login rpc_user:abc123 --wallet-dir ./ --rpc-access-control-origins https://localhost:9100 --rpc-ssl enabled --rpc-ssl-private-key wallet-rpc-key.pem --rpc-ssl-certificate wallet-rpc-cert.pem
- Change RPC URIs to "https://..."
- Construct
MoneroWalletRpcandMoneroDaemonRpcwithrejectUnauthorized: falseif using self-signed certificates
- Change RPC URIs to "https://..."
- Generate certificates for localhost web app (set password, use defaults except common name "localhost"), e.g.:
openssl req -x509 -newkey rsa:4096 -keyout localhost-key.pem -out localhost-cert.pem -days 365Note: dev certificates are already committed to src/test/browser with passwordabctesting123 - Modify run_server.py to use generated certificates by uncommenting commented lines
- Run ./bin/start_browser_test_server.sh and enter certificate password
- Test in Chrome: chrome://flags/#allow-insecure-localhost, set "Allow invalid certificates for resources loaded from localhost." to "Enabled"
- Test in Firefox: authenticate with https://localhost:38081/json_rpc and https://localhost:38083/json_rpc first, then access https://localhost:9100/