dev-ca
is a docker image for generating self signed root and leaf certificates for local development,
making it easy to manage and use local dev certificates.
- Manage generation of local root certificate.
- Trusted once, you can use any domain locally with TLS enabled.
- Supporting wild-card domains
- Also supporting IP addresses.
- Dev certs won't expire in a lifetime
- Build with/for docker
- Use anywhere via convenient CLI tool
- Dev certificates are generated for a main domain (DOMAIN defaults to
localhost
). - They can be issued for any number of alternative domains and ip addresses (SAN defaults to
127.0.0.1
)
Generate dev certificates to local directory via docker:
mkdir -p certificates
docker run --rm \
-v "${PWD}/certificates:/data/certificates" \
-u $(id -u ${user}):$(id -g ${user}) \
-e DOMAIN="my-org.local" \
realmq/dev-ca
-u $(id -u ${user}):$(id -g ${user})
makes sure your certificates are accessible by current user. If you omit this option certificates are owned byroot:root
.- You can include additional domains and ip-addresses by passing them via
-e SAN="another.tld 10.10.0.1"
Install our cli wrapper:
sudo curl -L https://raw.githubusercontent.com/realmq/dev-ca/master/dev-ca.sh -o /usr/local/bin/dev-ca
sudo chmod a+rx /usr/local/bin/dev-ca
Use the CLI tool to generate local dev certificates:
dev-ca --domain="my-org.local"
- Specify main domain via
-d|--domain
parameter. (Defaults tolocalhost
) - Pass alternative names via
-s|--san
parameter. (Defaults to${HOSTNAME} 127.0.0.1
) - Set destination directory via
-v|--volume
parameter. (Defaults to${CWD}/certificates
) - Set owning user via
-u|--user
parameter. (Defaults to${USER}
)
- Add documentation on how to install/trust self-signed root certificates
- Add docker compose setup example for nginx tls termination
Copyright (c) 2019 RealMQ GmbH.
The files in this archive are released under the MIT License.