As of Chrome 58+ I started getting certificate error on macOS due missing SAN. Here is how to get the green lock on address bar again.
Generate a new certificate with the following command:
openssl req \
-newkey rsa:2048 \
-x509 \
-nodes \
-keyout server.key \
-new \
-out server.crt \
-subj /CN=*.domain.dev \
-reqexts SAN \
-extensions SAN \
-config <(cat /System/Library/OpenSSL/openssl.cnf \
<(printf '[SAN]\nsubjectAltName=DNS:*.domain.dev')) \
-sha256 \
-days 720
Import the server.crt
into your KeyChain, then double click in the certificate, expand the Trust, and select Always Trust
Refresh the page https://domain.dev in Google Chrome, so the green lock is back.