Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358) from Emil Lundberg via GitHub on 2023-09-08 (public-webauthn@w3.org from September 2023)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 08 Sep 2023 09:51:35 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1711395409-1694166693-sysbot+gh@w3.org>

On most operating systems you can work around this by adding an entry to the local hosts file, for example `/etc/hosts` on Unix-like systems. Then you can use that like any other domain on those clients with that hosts file entry, you don't need to buy a publicly-available domain.

Note that you will also need an HTTPS certificate for the server; you can use OpenSSL to create a self-signed certificate or a private CA to issue the certificate from (see for example [OpenSSL Cookbook](https://www.feistyduck.com/library/openssl-cookbook/online/openssl-command-line/index.html)). For example:

```sh
$ openssl ecparam -genkey -name secp256r1 | openssl ec -out ./server.key
$ openssl req -new -x509 -days 365 -key ./server.key -out ./server.crt -subj "/O=My Organisation/OU=Admin panel/CN=admin-panel.internal" -addext "subjectAltName = DNS:admin-panel.internal"
```

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1358#issuecomment-1711395409 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 8 September 2023 09:51:37 UTC