mkcert icon indicating copy to clipboard operation
mkcert copied to clipboard
verified publisher icon FiloSottile

Clarify that mkcert and be used as an infrastructure CA

Open sedalu opened this issue 6 years ago • 2 comments

Filippo, as we discussed as GothamGo, using mkcert as an infrastructure CA to secure internal service-to-service http calls is probably a use case falls within the mission of mkcert. The readme provides enough detail on how to do this manually, but it warns against "production" use. Please clarify that this use case is not discouraged. Thanks.

sedalu avatar Apr 13 '19 03:04 sedalu

Hii

sawfi avatar Jul 06 '20 02:07 sawfi

For anyone else landing here, you might later find this issue which points you in the direction of step as a production grade alternative to mkcert.

A similar issue discussion also has this to say:

  • If you're just looking for a simple tool to create certs that work for local development, use mkcert.
  • If you're testing an ACME integration, use pebble (and step-ca, as a second data point :).
  • If you need something more sophisticated, like an ACME CA that you can bring into staging or run in production for server-to-server mTLS, check out step & step-ca!

polarathene avatar Aug 16 '20 06:08 polarathene