-
Download and unpack the latest binary release for your platform:
-
Open a terminal and run the program.
$ ./mkcert --help # Linux
$ .\mkcert.exe --help # Windows
It is not necessary to copy and move around private keys. Create them directly on the target host.
-
Copy the program to the host where you need the new certificate.
-
Create a template file: Click here for some examples.
-
Choose a strong (long and random) passphrase.
$ mkcert -f examples/request.yaml
New certificate: csr.example.com
Enter new passphrase:
Verifying - Enter new passphrase:
$ ls csr*
csr.example.com.csr csr.example.com.key
A PKCS #12 (.p12) file is a container which bundles a private key and one or more certificates into a single file.
To create a .p12 file:
-
Put the certificate and the private key together in the same directory.
-
The file name of the certificate must match the name of the key.
-
Use the
-b, --bundle
option followed by the path to the key file.
$ ls
crt.example.com.crt
crt.example.com.key
$ mkcert -b crt.example.com.key # <- path to key file
Bundle: crt.example.com
Enter passphrase:
$ ls
crt.example.com.crt
crt.example.com.key
crt.example.com.p12
On Windows, use the certificate store if the application which needs the certificate supports it. The store is more secure and you don’t need the .p12 file.
To import a .p12 file:
-
Double-click the .p12 file to import the private key and the certificate into the Windows certificate store.
-
Delete the .p12 file after a successful import.
All notable changes will be documented here.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
-
Set the common name as default subject alternative name (SAN). Some browsers require a SAN to validate the certificate.
The best way to get started is to build and run a local dev container.
You can use Podman or any other OCI compliant container manager. The dev container has all the required dependencies for working with the project.
$ container/build.sh
$ container/run.sh
From inside the container, you can then run some workflows.
$ cargo fmt && cargo clippy --all-targets # run code formatter and linter
$ cargo test # run tests
$ cargo doc # build the docs
$ cargo run # run the binary crate
$ cargo clean # remove build artifacts