This might not be the only issue here, but the certificate, as well as being trusted, needs a Common Name record embedded inside it that matches the localhost domain.
Give this a go: openssl req -nodes -new -x509 -keyout server.key -out server.cert -subj "/CN=localhost"