How to use the command 'mkcert' (with examples)

How to use the command 'mkcert' (with examples)

mkcert is a command-line tool that allows you to create locally-trusted development certificates. It simplifies the process of generating and managing SSL/TLS certificates for your local development environment. This ensures that your development server can be accessed over HTTPS without encountering security warnings or errors.

Use case 1: Install the local CA in the system trust store

Code:

mkcert -install

Motivation:

  • By installing the local CA in the system trust store, you can ensure that the development certificates created by mkcert are trusted by your operating system and web browsers.
  • This is helpful because it allows you to access your development server over HTTPS without encountering security warnings.

Explanation:

  • The -install argument instructs mkcert to install the local CA certificate in the system trust store.
  • The command does not require any additional arguments or options.

Example output:

Using the local CA at "/Users/username/Library/Application Support/mkcert" 
The local CA is now installed in the system trust store!

Use case 2: Generate certificate and private key for a given domain

Code:

mkcert example.org

Motivation:

  • Generating a certificate and private key for a specific domain, such as example.org, allows you to secure your development server with SSL/TLS encryption.
  • This is useful when you need to test or develop web applications locally and want to access them over HTTPS.

Explanation:

  • By specifying a domain name as an argument, mkcert generates a certificate and private key pair specifically for that domain.
  • The command does not require any additional arguments or options.

Example output:

Using the local CA at "/Users/username/Library/Application Support/mkcert" 
The certificate and private key for example.org are located in the current directory.

Use case 3: Generate certificate and private key for multiple domains

Code:

mkcert example.org myapp.dev 127.0.0.1

Motivation:

  • Generating certificates for multiple domains allows you to secure multiple development servers or applications with SSL/TLS encryption.
  • This is beneficial when you work on multiple projects that require HTTPS access during development.

Explanation:

  • By including multiple domain names separated by spaces as arguments, mkcert generates a certificate and private key pair for each specified domain.
  • The command does not require any additional arguments or options.

Example output:

Using the local CA at "/Users/username/Library/Application Support/mkcert" 
The certificate and private key for example.org are located in the current directory.
The certificate and private key for myapp.dev are located in the current directory.
The certificate and private key for 127.0.0.1 are located in the current directory.

Use case 4: Generate wildcard certificate and private key for a given domain and its subdomains

Code:

mkcert "*.example.it"

Motivation:

  • Creating a wildcard certificate allows you to secure a domain and all its subdomains with a single certificate.
  • This is useful when you have multiple subdomains for your development server and want to access them over HTTPS.

Explanation:

  • By specifying a domain name with an asterisk (*) as a prefix, mkcert generates a wildcard certificate and private key pair for that domain and all its subdomains.
  • The command does not require any additional arguments or options.

Example output:

Using the local CA at "/Users/username/Library/Application Support/mkcert" 
The certificate and private key for *.example.it are located in the current directory.

Use case 5: Uninstall the local CA

Code:

mkcert -uninstall

Motivation:

  • Uninstalling the local CA removes the certificate authority created by mkcert from the system trust store.
  • This may be necessary if you no longer need to use the locally-trusted development certificates generated by mkcert.

Explanation:

  • The -uninstall argument instructs mkcert to remove the local CA certificate from the system trust store.
  • The command does not require any additional arguments or options.

Example output:

Using the local CA at "/Users/username/Library/Application Support/mkcert" 
The local CA has been uninstalled from the system trust store.

Conclusion:

mkcert is a versatile command-line tool that simplifies the process of generating locally-trusted development certificates. By following the provided examples, you can easily install the local CA, generate certificates for specific domains or multiple domains, create wildcard certificates, and uninstall the local CA when necessary. This allows you to secure your development servers and applications with SSL/TLS encryption and access them over HTTPS without encountering security warnings or errors.

Tags :

Related Posts

Using apt-get for Package Management (with examples)

Using apt-get for Package Management (with examples)

Updating the list of available packages and versions Code: apt-get update Motivation:

Read More
Exploring the World of ArgoCD: GitOps Made Easy

Exploring the World of ArgoCD: GitOps Made Easy

Introduction In the ever-evolving landscape of DevOps and infrastructure management, there’s a rising star on the horizon: ArgoCD.

Read More
How to use the command 'llvm-dis' (with examples)

How to use the command 'llvm-dis' (with examples)

The ’llvm-dis’ command is a powerful tool in the LLVM toolkit that allows you to convert LLVM bitcode files into human-readable LLVM Intermediate Representation (IR).

Read More