mkcert - A simple zero-config tool to make locally trusted development certificates with any names you'd like

  •        43

mkcert is a simple tool for making locally-trusted development certificates. It requires no configuration. Using certificates from real certificate authorities (CAs) for development can be dangerous or impossible (for hosts like localhost or 127.0.0.1), but self-signed certificates cause trust errors. Managing your own CA is the best solution, but usually involves arcane commands, specialized knowledge and manual steps.

https://github.com/FiloSottile/mkcert

Tags
Implementation
License
Platform

   




Related Projects

python-certifi - (Python Distribution) A carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts

  •    Python

Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. It has been extracted from the Requests project. Browsers and certificate authorities have concluded that 1024-bit keys are unacceptably weak for certificates, particularly root certificates. For this reason, Mozilla has removed any weak (i.e. 1024-bit key) certificate from its bundle, replacing it with an equivalent strong (i.e. 2048-bit or greater key) certificate from the same CA. Because Mozilla removed these certificates from its bundle, certifi removed them as well.

hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation.

  •    Go

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs traffic can be successfully decrypted, intercepted and recorded.

pem - Create private keys and certificates with node.js

  •    Javascript

Here are some examples for creating an SSL key/cert on the fly, and running an HTTPS server on port 443. 443 is the standard HTTPS port, but requires root permissions on most systems. To get around this, you could use a higher port number, like 4300, and use https://localhost:4300 to access your server. Please have a look into the API documentation.


rancher-letsencrypt - :cow: Rancher service that obtains and manages free SSL certificates from the Let's Encrypt CA

  •    Go

A Rancher service that obtains free SSL/TLS certificates from the Let's Encrypt CA, adds them to Rancher's certificate store and manages renewal and propagation of updated certificates to load balancers. If using the HTTP challenge, a reverse proxy that routes example.com/.well-known/acme-challenge to rancher-letsencrypt.

Cryptlib - provides Encryption and Authentication Service

  •    C

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

hotel - :love_hotel: A simple process manager for developers

  •    Javascript

Tip: if you don't enable local domains, hotel can still be used as a catalog of local servers..localhost replaces .dev local domain and is the new default. See https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/ for context.

certificates - 🛡️ An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere

  •    Go

An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. For more information and docs see the Step website and the blog post announcing Step Certificate Authority.

browser - The browser extension vault (Chrome, Firefox, Opera, Edge, Safari, & more).

  •    Javascript

The Bitwarden browser extension is written using the Chrome Web Extension API and AngularJS. By default the extension is targeting the production API. If you are running the Core API locally, you'll need to switch the extension to target your local instance. Open src/services/api.service.ts and set this.baseUrl and this.identityBaseUrl to your local API instance (ex. http://localhost:5000).

boulder - An ACME-based CA, written in Go.

  •    Go

This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains.Boulder has a Dockerfile to make it easy to install and set up all its dependencies. This is how the maintainers work on Boulder, and is our main recommended way to run it.

certmagic - Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

  •    Go

CertMagic is the most mature, robust, and capable ACME client integration for Go. With CertMagic, you can add one line to your Go application to serve securely over TLS, without ever having to touch certificates.

JaBaCATs: Java Basic C.A. Tools.

  •    Java

The aim of this project is to create a set of basic java tools for developers who need Certificate Authority (CA) root certificates and user certificates signed by the CA.

local-cert-generator - A set of scripts to quickly generate a HTTPS certificate for your local development environment

  •    Shell

A set of scripts to quickly generate a HTTPS certificate for your local development environment. Note: You may need to restart your browser to load the newly trusted root certificate correctly.

Windows Phone Certificate Installer

  •    

Helps install Trusted Root Certificates on Windows Phone 7 to enable SSL requests. Intended to allow developers to use localhost web servers during development without requiring the purchase of an SSL certificate. Especially helpful for ws-trust secured web service development.

cert-manager - Automatically provision and manage TLS certificates in Kubernetes

  •    Go

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

backup-adblockpluschrome - Adblock Plus extension for Google Chrome

  •    Javascript

This repository contains the platform-specific Adblock Plus source code for Chrome, Opera and Safari. It can be used to build Adblock Plus for these platforms, generic Adblock Plus code will be extracted from other repositories automatically (see dependencies file). This will create a build with a name in the form adblockpluschrome-1.2.3.nnnn.crx or adblockplussafari-1.2.3.nnnn.safariextz. Note that you don't need an existing signing key for Chrome or Opera, a new key will be created automatically if the file doesn't exist. Safari on the other hand always requires a valid developer certificate, you need to get one in the Apple Developer Center first. adblockplussafari.pem should contain the private key for your developer certificate, the developer certificate itself as well as all the certificates it was signed with (Apple's root certificate and intermediate certificates) in PEM format - in that order.

firefox-ios - Firefox for iOS

  •    C

* Mailing list: [mobile-firefox-dev@mozilla.org](https://mail.mozilla.org/listinfo/mobile-firefox-dev).* Bugs: [File a new bug](https://bugzilla.mozilla.org/enter_bug.cgi?bug_file_loc=http%3A%2F%2F&bug_ignored=0&op_sys=iOS%207&product=Firefox%20for%20iOS&rep_platform=All) • [Existing bugs](https://bugzilla.mozilla.org/describecomponents.cgi?product=Firefox%20for%20iOS)This is a work in progress on some early ideas. Don't get too attached to this code. Tomorrow everything will be dif

EtherAddressLookup - Adds links to strings that look like Ethereum addresses to your favourite blockchain explorer

  •    Javascript

The blacklists found in this repo serve both the EAL Chrome Extension & MetaMask Chrome Extension. We use a Levenshtein distance algoritm to detect similar URLs, so if you encounter an errounously-blocked website, please add it to the whitelist. The master branch is bundled on every release and pushed to the Chrome & Firefox Extension store, you can view/download it here: https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn for Chrome, and https://addons.mozilla.org/en-US/firefox/addon/etheraddresslookup/ for Firefox.

easy-rsa - easy-rsa - Simple shell based CA utility

  •    Shell

easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms, this means to create a root certificate authority, and request and sign certificates, including sub-CAs and certificate revocation lists (CRL). If you are looking for release downloads, please see the releases section on GitHub. Releases are also available as source checkouts using named tags.