aipper/mkcert
1
0
Fork 0
mirror of https://github.com/FiloSottile/mkcert.git synced 2025-10-14 00:41:40 +08:00
Code Issues Packages Projects Releases Wiki Activity
152 Commits 1 Branch 14 Tags
0a3190b1659e514d6e9b03eedfa25049d046000b
Commit Graph

152 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mikael Forsgren
0a3190b165 README: update Linuxbrew to Homebrew on Linux (#340) 
Homebrew was formerly referred to as Linuxbrew when running on Linux or WSL.
 2021-02-13 03:34:52 +01:00
Filippo Valsorda
1a5aaff12e Fix and update CI analyzers v1.4.3 2020-11-25 14:09:45 +01:00
Filippo Valsorda
33ca7b5c46 Switch tests and releases to GitHub Actions (#311) 2020-11-20 20:48:10 +01:00
Filippo Valsorda
9c196b6cdb Make CSR code match standard certificate generation 2020-10-27 12:54:36 +01:00
Filippo Valsorda
e28ee7df01 Simplify EKU logic 
With -client, you get clientAuth. With a non-email SAN, you also get
serverAuth. With an email SAN, you also get emailProtection.
 2020-10-27 12:51:28 +01:00
Filippo Valsorda
9f583c670f Drop codeSigning EKU from certificates with email SANs 
Unclear how those are correlated.
If it breaks something we can put it back.

Fixes #303
 2020-10-27 12:34:41 +01:00
Martin Tournoij
c12e24244a Don't overwrite the -key-file if it's identical to -cert-file (#264) 
Especially for testing I find it much more convenient to just store both
the key and certificate in a single file, which works with pretty much
all software I've used.

Currently, the -cert-file will overwrite the -key-file since it uses
ioutil.WriteFile(). This fixes it to *append* if the files are
identical.

Co-authored-by: Filippo Valsorda <github@filippo.io>
 2020-10-27 12:34:17 +01:00
Martin Tournoij
6649e9d2e7 Make explicit "mkcert -help" print to stdout (#265) 
Currently "mkcert -help" prints to stderr, which is rather annoying as:

	$ mkcert -help | less

Gives us a blank page, as it pipes only stdout. To get any results in
less I need to use:

	$ mkcert 2>&1 | less
	$ mkcert |& less     # Non-standard bash/ zsh

Since the user explicitly asked for help with -help, it doesn't make
much sense to output it to stderr IMHO.
v1.4.2 		2020-10-26 00:55:09 +01:00
Filippo Valsorda
3fa4d18f75 Update iOS installation docs 
Fixes #233
 2020-10-26 00:45:44 +01:00
Filippo Valsorda
167867a226 Drop Apple 825-days rule bypass, shorten and print expiration 
Closes #299
Closes #271
 2020-10-26 00:25:26 +01:00
Filippo Valsorda
1ad7f56df4 Tone down the uninstalled root warnings 
Some people might want to use mkcert to generate certificates without
installing the root after all.

Fixes #290
 2020-10-26 00:25:26 +01:00
Filippo Valsorda
e8068235db Hide the CA path in normal operation 
Most users don't need to interact with it, and it's important they don't
share the rootCA-key.pem file, so let's not lead them there in the first
place. Advanced users can still use "mkcert -CAROOT".

Fixes #282
 2020-10-26 00:25:26 +01:00
Filippo Valsorda
ea8260d0d9 Accept "NEW CERTIFICATE REQUEST" PEM headers 
Fixes #301
 2020-10-26 00:25:26 +01:00
Mikel Kew
8e71a281f9 Support latest FirefoxDeveloperEdition.app without spaces (#280) 
Latest version of Firefox Developer Edition on macOS seem to use
upper camel case naming for the app. This ensures that the CA will
be added to the Firefox trust store if using recent versions of
FF Dev Edition.
 2020-10-26 00:24:53 +01:00
Dennis Ameling
c34db08bed Build release binaries for linux/arm64 (#284) 2020-10-26 00:23:20 +01:00
Filippo Valsorda
a2b1208e9c mkcert-master: remove in favor of "brew gomod filippo.io/mkcert@master" 
See https://blog.filippo.io/install-go-tools-from-modules-with-brew-gomod/
 2020-03-21 22:12:54 -04:00
Filippo Valsorda
d58feefc73 Fix -version output not to print spurious lines 2020-03-21 22:10:16 -04:00
Filippo Valsorda
0603a13b79 Use buildInfo.Main.Version when Version is not set 2020-03-21 22:04:37 -04:00
Filippo Valsorda
243b819761 go.mod: update import path to filippo.io/mkcert 2020-03-21 21:38:34 -04:00
Christian Rebischke
a21de51acf README: mention official Arch Linux package (#226) 
Signed-off-by: Christian Rebischke <chris@nullday.de>
Co-authored-by: Filippo Valsorda <1225294+FiloSottile@users.noreply.github.com>
 2019-12-26 14:56:06 +01:00
Koen Vervloesem
42a6d00604 README: add "cd mkcert" to build from source instructions (#228) 
Co-authored-by: Filippo Valsorda <1225294+FiloSottile@users.noreply.github.com>
 2019-12-26 14:53:10 +01:00
Senan Kelly
cb6311cfbe truststore_nss: add firefox nightly and developer edition binary paths (#225) 
on my system I have only Firefox Nightly installed, so `/usr/bin/firefox` doesn't exist and so `hasNSS` was false and CA wasn't installed.

on my arch based system, the binary was at `/usr/bin/firefox-nightly`
https://aur.archlinux.org/packages/firefox-nightly/
it could also be at `/usr/bin/firefox-developer-edition`
see "package contents"
https://www.archlinux.org/packages/community/x86_64/firefox-developer-edition/
 2019-11-29 18:36:50 -04:00
Nelson Martell
d8d73fcb89 README: add note about advanced options (#218) 
* 📝 Add note about advaced options in README

Clarify position of advanced options argumnts (they won’t work if are placed after domain names)

Add example.

* Update README.md
 2019-11-26 18:35:01 -05:00
fREW Schmidt
9b04095804 README: fix git clone command (#224) 2019-11-26 18:31:43 -05:00
Filippo Valsorda
90341b0d5a v1.4.1 v1.4.1 2019-11-09 18:21:05 -05:00
Filippo Valsorda
1b4ad6c774 truststore_nss: retry certtool with sudo when it fails due to permissions 
Based on @rfay's investigation and fix.

Fixes #192
Closes #193
 2019-11-09 18:18:18 -05:00
Filippo Valsorda
00ded1d014 .travis.yml: fix format error 2019-11-09 18:03:18 -05:00
Filippo Valsorda
9df24b5b70 README: remove "go run" quickstart 😢 
Fixes #209
 2019-11-09 17:34:28 -05:00
Filippo Valsorda
71aa64e874 Embrace Go 1.13: drop vendoring, assume modules mode, drop Go 1.10 warning 2019-11-09 16:43:37 -05:00
Filippo Valsorda
1382fc8fe8 Add -version flag 
Closes #197
Fixes #191
 2019-11-09 16:33:29 -05:00
Filippo Valsorda
82ea753aa2 analysis.go: use x/tools/go/analysis/multichecker to run analysis tools 
This pattern has a number of advantages: it tracks the versions of the
tools in go.mod, it doesn't require installing anything in CI, it runs
all analysis passes at once, and it lets us add custom ones easily.
 2019-11-09 16:04:54 -05:00
Filippo Valsorda
4ffcbacbb0 mkcert-master: add Homebrew Formula with HEAD stanza 
homebrew-core removed all head clauses, so this allows testing the
latest master by instead running

brew install --HEAD https://master.mkcert.dev/mkcert-master.rb
 2019-09-10 15:47:25 +02:00
Filippo Valsorda
0bfd83cea2 README: add "go run" quickstart 2019-08-24 13:38:12 -04:00
Filippo Valsorda
343aec289a truststore_linux: remove PATH check for SystemTrustCommand 
It's hard to predict what the PATH that sudo will use, and there
shouldn't be many cases where we don't find the command anyway.

Fixes #188
 2019-08-16 18:23:01 -04:00
Filippo Valsorda
8ff73503d2 truststore_darwin: check the default Homebrew path for certutil 
"mkcert localhost" went from 2.125s to 0.552s, a 4x speedup.

Fixes #135
 2019-08-16 18:23:01 -04:00
Filippo Valsorda
25b1d39486 Print a message on -install if the CA is already installed 
Updates #182
 2019-08-16 18:04:46 -04:00
Filippo Valsorda
aa4dd61066 Specify a "Sudo password:" prompt for sudo 
Fixes #178
Closes #185
 2019-08-16 17:47:28 -04:00
Stefan Wrobel
2d05f3b4d8 Add link to Chocolatey in README (#181) v1.4.0 2019-07-25 21:59:21 +02:00
y-yagi
a5bb69b629 Fix markdown formatting (#179) 
It seems correctly show in GitHub, but this may not be shown correctly
in other markdown readers.
 2019-07-21 07:18:11 -04:00
Filippo Valsorda
df15e0c1ef Backdate notBefore to support macOS Catalina 
Updates #174
 2019-07-06 19:12:45 -03:00
Filippo Valsorda
1f0796c926 Add staticcheck to CI (#171) 2019-07-05 01:41:23 -03:00
Filippo Valsorda
4d2ab596e7 .travis.yml: disable cgo for all release binaries 
Fixes #169
 2019-07-05 01:28:46 -03:00
Robert Panzer
c2b30c48f1 Add support for URL SANs (#166) 2019-07-05 01:16:19 -03:00
Filippo Valsorda
0a679a8bcd README: revert to $(go env GOPATH) 
See discussion at #168
 2019-06-21 20:11:30 -04:00
Robert Panzer
574ea52743 Add serverAuth EKU to client certs for Service Mesh mTLS setups 2019-06-17 11:02:53 -04:00
Daniel Martí
ff17118210 README: use $GOBIN instead of $GOPATH/bin (#168) 
$GOPATH/bin works in the simple cases, but will break if the user
specifies their own $GOBIN, or if their $GOPATH has multiple elements.

This form is also simpler. Even if the user doesn't specify their custom
$GOBIN, 'go env GOBIN' will return the correct default.
 2019-06-12 13:24:10 -04:00
Filippo Valsorda
72ec55f07f Import howett.net/plist by its correct name 
Also bumping the version to one with a go.mod.
 2019-06-02 12:57:09 +01:00
Filippo Valsorda
e9f8fbcdf4 cert: use os.Hostname for the OU, and add the long form user name 
The output of the hostname command on Windows is probably UTF-16, but
instead of figuring out its edge cases, switch to the syscall on every
platform.

Fixes #96
Closes #142
 2019-06-02 12:15:03 +01:00
Filippo Valsorda
8d9e434520 truststore_nss: support multiple NSS databases 
This adds support for Snap's Chromium, and and CentOS 7.

Fixes #116
Fixes #120
Closes #121
 2019-06-01 16:27:42 +01:00
Filippo Valsorda
74ab68812e Fix and add missing license headers 2019-06-01 14:58:20 +01:00