For development purposes on Windows you can
add to Chrome shortcut flag --ignore-certificate-errors

It expected to ignore certificate errors and allow you to access invalid certificate websites.
Better detailed instructions in https://support.opendns.com/entries/66657664.

I had to tweak the Chrome launcher on macosx and added below script. Saved it as below;

/Applications/Google\ Chrome.app/Contents/MacOS/Chrome.command

#!/bin/sh
RealBin="Google Chrome"
AppDir="$(dirname "$0")"
exec "$AppDir/$RealBin" --ignore-certificate-errors "$@"

When I start Chrome with this script self-signed certificates are working without a problem. But don't browse the web with the browser launched with this script you will not be warned about invalid certificates!

NOT FOR PROD

Simply paste this in your chrome:

chrome://flags/#allow-insecure-localhost

You should see highlighted text saying: Allow invalid certificates for resources loaded from localhost

Click Enable.

As someone has noted, you need to restart ALL of Chrome, not just the browser windows. The fastest way to do this is to open a tab to...

chrome://restart

2017-06-27 newest method:

openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout yoursite.key \
    -new \
    -out yoursite.crt \
    -subj /CN=yoursite.dev \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat /System/Library/OpenSSL/openssl.cnf \
        <(printf '[SAN]\nsubjectAltName=DNS:yoursite.dev')) \
    -sha256 \
    -days 3650

then, add yoursite.crt and yoursite.key to your nginx conf.

from: https://github.com/webpack/webpack-dev-server/issues/854

The GUI for managing SSL certs on Chromium on Linux did NOT work properly for me. However, their docs gave the right answer. The trick was to run the command below that imports the self-signed SSL cert. Just update the name of the <certificate-nickname> and certificate-filename.cer, then restart chromium/chrome.

From the Docs:

On Linux, Chromium uses the NSS Shared DB. If the built-in manager does not work for you then you can configure certificates with the NSS command line tools.

Get the tools

• Debian/Ubuntu: sudo apt-get install libnss3-tools

• Fedora: su -c "yum install nss-tools"

• Gentoo: su -c "echo 'dev-libs/nss utils' >> /etc/portage/package.use && emerge dev-libs/nss" (You need to launch all commands below with the nss prefix, e.g., nsscertutil.) Opensuse: sudo zypper install mozilla-nss-tools

To trust a self-signed server certificate, we should use

certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n <certificate-nickname> -i certificate-filename.cer

List all certificates

certutil -d sql:$HOME/.pki/nssdb -L

The TRUSTARGS are three strings of zero or more alphabetic characters, separated by commas. They define how the certificate should be trusted for SSL, email, and object signing, and are explained in the certutil docs or Meena's blog post on trust flags.

Add a personal certificate and private key for SSL client authentication Use the command:

pk12util -d sql:$HOME/.pki/nssdb -i PKCS12_file.p12

to import a personal certificate and private key stored in a PKCS #12 file. The TRUSTARGS of the personal certificate will be set to “u,u,u”.

Delete a certificate certutil -d sql:$HOME/.pki/nssdb -D -n <certificate nickname>

Excerpt From: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/linux_cert_management.md