Generate deterministic TLS certificates for local Go development servers. The certificates use a P-256 ECDSA private key generated with a total lack of randomness.
Optionally, the certificates generated by this package will be signed by your local mkcert root CA. See the mkcert docs for more information.
So your browser can trust a single certificate from your development servers, and dev/test with TLS. Do not use in production.
go get github.com/alta/insecure
This package works with mkcert to generate certificates that are signed by your machine’s local certificate authority (CA). To use this feature, run mkcert -install
on your development machine before generating a certificate.
Get a TLS certificate suitable for localhost
, 127.0.0.1
, etc:
cert, err := insecure.Cert()
Get a TLS certificate for a specific set of subject alternative names:
cert, err := insecure.Cert("crowbar.local", "::1", "192.168.0.42")
Get a certificate pool that trusts cert
, useful for building net/http
clients that call other services using cert
:
pool, err := insecure.Pool(cert)
Seriously, do not use this in production.
Originally developed by @cee-dub for Alta Software LLC.
This package includes functions adapted from mkcert. Neither the authors of mkcert nor Google, Inc. have promoted or endorsed this project.