Name | Date | Size | #Lines | LOC | ||
---|---|---|---|---|---|---|
.. | 03-May-2022 | - | ||||
localhost/ | H | 11-May-2020 | - | 54 | 50 | |
README.md | H A D | 11-May-2020 | 1 KiB | 26 | 19 | |
pebble.minica.key.pem | H A D | 11-May-2020 | 1.6 KiB | 28 | 27 | |
pebble.minica.pem | H A D | 11-May-2020 | 1.1 KiB | 20 | 19 |
README.md
1# certs/ 2 3This directory contains a CA certificate (`pebble.minica.pem`) and a private key 4(`pebble.minica.key.pem`) that are used to issue a end-entity certificate (See 5`certs/localhost`) for the Pebble HTTPS server. 6 7To get your **testing code** to use Pebble without HTTPS errors you should 8configure your ACME client to trust the `pebble.minica.pem` CA certificate. Your 9ACME client should offer a runtime option to specify a list of root CAs that you 10can configure to include the `pebble.minica.pem` file. 11 12**Do not** add this CA certificate to the system trust store or in production 13code!!! The CA's private key is **public** and anyone can use it to issue 14certificates that will be trusted by a system with the Pebble CA in the trust 15store. 16 17To re-create all of the Pebble certificates run: 18 19 minica -ca-cert pebble.minica.pem \ 20 -ca-key pebble.minica.key.pem \ 21 -domains localhost,pebble \ 22 -ip-addresses 127.0.0.1 23 24From the `test/certs/` directory after [installing 25MiniCA](https://github.com/jsha/minica#installation) 26