https://github.com/realmq/dev-ca
🔐 A docker image :whale: and CLI tool :computer: that makes it easy to generate, manage and use self signed root and leaf certificates for local development.
https://github.com/realmq/dev-ca
developer-tools docker docker-image local-dev local-dev-server-on-https local-development self-signed-certificate ssl ssl-certificates tls tls-certificate tls-certificate-management
Last synced: 4 months ago
JSON representation
🔐 A docker image :whale: and CLI tool :computer: that makes it easy to generate, manage and use self signed root and leaf certificates for local development.
- Host: GitHub
- URL: https://github.com/realmq/dev-ca
- Owner: realmq
- License: mit
- Created: 2019-04-23T11:26:18.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2019-04-23T12:30:22.000Z (over 6 years ago)
- Last Synced: 2025-03-24T17:14:42.765Z (7 months ago)
- Topics: developer-tools, docker, docker-image, local-dev, local-dev-server-on-https, local-development, self-signed-certificate, ssl, ssl-certificates, tls, tls-certificate, tls-certificate-management
- Language: Shell
- Homepage:
- Size: 16.6 KB
- Stars: 6
- Watchers: 4
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# :closed_lock_with_key: RealMQ Dev CA - Local Development Certificates
[](https://github.com/realmq/dev-ca/blob/master/LICENSE)
[](https://hub.docker.com/r/realmq/dev-ca)
`dev-ca` is a docker image for generating self signed root and leaf certificates for local development,
making it easy to manage and use local dev certificates.
* Manage generation of local root certificate.
* Trusted once, you can use any domain locally with TLS enabled.
* Supporting wild-card domains
* Also supporting IP addresses.
* Dev certs won't expire in a lifetime
* Build with/for docker
* Use anywhere via convenient CLI tool
## :fire: Generate certificates
* Dev certificates are generated for a main domain (**DOMAIN** defaults to `localhost`).
* They can be issued for any number of alternative domains and ip addresses (**SAN** defaults to `127.0.0.1`)
### :whale: Use with docker
Generate dev certificates to local directory via docker:
```bash
mkdir -p certificates
docker run --rm \
-v "${PWD}/certificates:/data/certificates" \
-u $(id -u ${user}):$(id -g ${user}) \
-e DOMAIN="my-org.local" \
realmq/dev-ca
```
* `-u $(id -u ${user}):$(id -g ${user})` makes sure your certificates are accessible by current user. If you omit this option certificates are owned by `root:root`.
* You can include additional domains and ip-addresses by passing them via `-e SAN="another.tld 10.10.0.1"`
### :computer: Use convenient CLI tool
Install our [cli wrapper](https://github.com/realmq/dev-ca/blob/master/dev-ca.sh):
```bash
sudo curl -L https://raw.githubusercontent.com/realmq/dev-ca/master/dev-ca.sh -o /usr/local/bin/dev-ca
sudo chmod a+rx /usr/local/bin/dev-ca
```
Use the CLI tool to generate local dev certificates:
```bash
dev-ca --domain="my-org.local"
```
* Specify main domain via `-d|--domain` parameter. (Defaults to `localhost`)
* Pass alternative names via `-s|--san` parameter. (Defaults to `${HOSTNAME} 127.0.0.1`)
* Set destination directory via `-v|--volume` parameter. (Defaults to `${CWD}/certificates`)
* Set owning user via `-u|--user` parameter. (Defaults to `${USER}`)
## :rocket: Roadmap
* Add documentation on how to install/trust self-signed root certificates
* Add docker compose setup example for nginx tls termination
## :page_with_curl: License
Copyright (c) 2019 [RealMQ GmbH](https://realmq.com).
The files in this archive are released under the [MIT License](LICENSE).