./security/go-mkcert, Make locally trusted development certificates

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.4.1nb1, Package name: go-mkcert-1.4.1nb1, Maintainer: pkgsrc-users

mkcert is a simple tool for making locally-trusted development
certificates. It requires no configuration.

Using certificates from real certificate authorities (CAs) for
development can be dangerous or impossible (for hosts like localhost or
127.0.0.1), but self-signed certificates cause trust errors. Managing
your own CA is the best solution, but usually involves arcane commands,
specialized knowledge and manual steps.

mkcert automatically creates and installs a local CA in the system root
store, and generates locally-trusted certificates. mkcert does not
automatically configure servers to use the certificates, though, that's
up to you.


Required to build:
[pkgtools/cwrappers] [lang/go114]

Master sites:

SHA1: 66f84f175484ff931302316dfe1f6b8ca150e19e
RMD160: cbe20640f6b34c25f481c968f6a7f31957aec8bc
Filesize: 17.68 KB

Version history: (Expand)


CVS history: (Expand)


   2020-07-17 20:04:33 by Benny Siegert | Files touched by this commit (196) | Package updated
Log message:
Revbump all Go packages after go114 update.
   2020-07-07 22:35:51 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update mkcert to 1.4.1. Now a Go module.

v1.4.1

  • Use sudo when necessary to install in system-wide NSS stores (#192)
  • Add a -version flag (#191)
  • Speed up macOS execution by 4x for most users (#135)
  • Minor usability improvements (#182, #178, #188)

v1.4.0

macOS Catalina compatibility, URL and email SANs, and more

macOS 10.15 Catalina introduced certificate lifespan limits which block mkcert
certificates. As a temporary measure, mkcert certificates now have a fixed
notBefore date of June 1st, 2019. Once the ACME server is implemented,
certificate lifespan will be shortened to 3 months. (#174)

Certificates generated by previous versions of mkcert after July 1st, 2019 will
not work on macOS 10.15 Catalina, and will have to be regenerated. The root CA
is unaffected and there is no need to rerun mkcert -install.

URL (#166) and email (for S/MIME, #152) SANs are now supported.

Client certificates are now created with a -client filename suffix, and they
claim the serverAuth EKU as well as the clientAuth one.

The certificate subject now includes the full user name, like
filippo@Bistromath.local (Filippo Valsorda).

SLES, OpenSUSE (#162), Snapcraft (#116), and CentOS 7 (#120) are now supported.

Linux release binaries are now fully static, and will work regardless of the
system libc. (#169)

v1.3.0

New advanced options:

  • -ecdsa to generate ECDSA private keys
  • -client to generate client certificates
  • -csr to sign certificate signing requests
  • $TRUST_STORES to select what stores to install into

Also, in other news:

  • Add "Firefox Nightly.app" support on macOS
  • Set the CommonName when generating PKCS#12 files for IIS
   2020-06-17 11:54:20 by Benny Siegert | Files touched by this commit (188) | Package updated
Log message:
Revbump Go packages after Go 1.14.4 update.
   2020-04-12 13:01:51 by Benny Siegert | Files touched by this commit (171)
Log message:
Revbump all Go packages after default version switch to 1.14.
   2020-03-21 17:57:21 by Benny Siegert | Files touched by this commit (170) | Package updated
Log message:
Revbump all Go packages after go113 update.
   2020-02-02 15:19:15 by Benny Siegert | Files touched by this commit (169) | Package updated
Log message:
Revbump all Go packages after go113 update.
   2020-01-10 14:32:32 by Benny Siegert | Files touched by this commit (169)
Log message:
Revbump Go packages after Go default version bump.
   2019-12-13 08:44:06 by Benny Siegert | Files touched by this commit (168) | Package updated
Log message:
Revbump all Go packages after Go 1.12.14 update.