Psst, want to beta-test a new tool to generate locally-trusted certificates? Sign your own localhost or whatever.com certificate! Automagic installation.
Looking for CLI feedback. https://github.com/FiloSottile/mkcert …
macOS only right now
(Linux is sooo fragmented, it will take me a bit)
-
Show this thread
-
Replying to @FiloSottile
Does it have the capability to restrict the domains your CA can sign for, so you could distribute & reasonably use the CA cert?
2 replies 0 retweets 1 like -
Replying to @RichFelker
Nope. A wider-use sane certificate and CA CLI is something I want to build, but this is specifically for developers upset that they need HTTPS to test in browsers.
1 reply 0 retweets 2 likes -
Replying to @FiloSottile
Yeah, I was thinking about best practices tho. Nobody should install a root CA valid for * (and with private key not heavily guarded) on a box they access Google accounts, etc. from.
1 reply 0 retweets 1 like -
Replying to @RichFelker @FiloSottile
And developers almost certainly do access valuable accounts from the boxes they test their sites with.
1 reply 0 retweets 0 likes -
Replying to @RichFelker
Is the ability to read a 0600 private key meaningfully different from access to the browser memory space on desktop OSes? It's important to usability for the root to work universally.
1 reply 0 retweets 2 likes -
I feel like it's important for devs to learn not to rely on being able to forge arbitrary domains, but maybe in short term just getting them using https is more important.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.