dev-ca is a docker image for generating self signed root and leaf certificates for local development,
making it easy to manage and use local dev certificates.
- Manage generation of local root certificate.
- Trusted once, you can use any domain locally with TLS enabled.
- Supporting wild-card domains
- Also supporting IP addresses.
- Dev certs won't expire in a lifetime
- Build with/for docker
- Use anywhere via convenient CLI tool
- Dev certificates are generated for a main domain (DOMAIN defaults to
localhost). - They can be issued for any number of alternative domains and ip addresses (SAN defaults to
127.0.0.1)
Generate dev certificates to local directory via docker:
mkdir -p certificates
docker run --rm \
-v "${PWD}/certificates:/data/certificates" \
-u $(id -u ${user}):$(id -g ${user}) \
-e DOMAIN="my-org.local" \
realmq/dev-ca-u $(id -u ${user}):$(id -g ${user})makes sure your certificates are accessible by current user. If you omit this option certificates are owned byroot:root.- You can include additional domains and ip-addresses by passing them via
-e SAN="another.tld 10.10.0.1"
Install our cli wrapper:
sudo curl -L https://raw.githubusercontent.com/realmq/dev-ca/master/dev-ca.sh -o /usr/local/bin/dev-ca
sudo chmod a+rx /usr/local/bin/dev-caUse the CLI tool to generate local dev certificates:
dev-ca --domain="my-org.local"- Specify main domain via
-d|--domainparameter. (Defaults tolocalhost) - Pass alternative names via
-s|--sanparameter. (Defaults to${HOSTNAME} 127.0.0.1) - Set destination directory via
-v|--volumeparameter. (Defaults to${CWD}/certificates) - Set owning user via
-u|--userparameter. (Defaults to${USER})
- Add documentation on how to install/trust self-signed root certificates
- Add docker compose setup example for nginx tls termination
Copyright (c) 2019 RealMQ GmbH.
The files in this archive are released under the MIT License.