mkcert
Chocolatey
Our great sponsors
mkcert | Chocolatey | |
---|---|---|
130 | 393 | |
45,618 | 9,849 | |
- | 1.2% | |
0.0 | 8.4 | |
2 days ago | 3 days ago | |
Go | C# | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mkcert
- Mkcert: Simple tool to make locally trusted dev certificates names you'd like
-
You Can't Follow Me
The author mentions difficulties with HTTPS and trying stuff locally.
I've had some success with mkcert [1] to easily create certificates trusted by browsers, I can suggest to look into this. You are your own root CA, I think it can work without an internet connection.
- SSL Certificates for Home Network
-
Simplifying Localhost HTTPS Setup with mkcert and stunnel
Solution: mkcert – Your Zero-Configuration HTTPS Enabler Meet mkcert, a user-friendly, zero-configuration tool designed for creating locally-trusted development certificates. Find it on its GitHub page and follow the instructions tailored for your operating system. For Mac users employing Homebrew, simply execute the following commands in your terminal:
-
10 reasons you should quit your HTTP client
Well, Certifi does not ship with your company's certificates! So requesting internal services may come with additional painful extra steps! Also for a local development environment that uses mkcert for example!
-
Show HN: Anchor – developer-friendly private CAs for internal TLS
My project, getlocalcert.net[1] may be the one you're thinking of.
Since I'm also building in this space, I'll give my perspective. Local certificate generation is complicated. If you spend the time, you can figure it out, but it's begging for a simpler solution. You can use tools like mkcert[2] for anything that's local to your machine. However, if you're already using ACME in production, maybe you'd prefer to use ACME locally? I think that's what Anchor offers, a unified approach.
There's a couple references in the Anchor blog about solving the distribution problem by building better tooling[3]. I'm eager to learn more, that's a tough nut to crack. My theory for getlocalcert is that the distribution problem is too difficult (for me) to solve, so I layer the tool on top of Let's Encrypt certificates instead. The end result for both tools is a trusted TLS certificate issued via ACME automation.
1. https://news.ycombinator.com/item?id=36674224
2. https://github.com/FiloSottile/mkcert
3. https://blog.anchor.dev/the-acme-gap-introducing-anchor-part...
-
Running one’s own root Certificate Authority in 2023
Looks like step-ca/step-cli [1] and mkcert [2] have been mentioned. Another related tool is XCA [3] - a gui tool to manage CAs and server/client TLS certificates. It takes off some of the tedium in using openssl cli directly. It also stores the certs and keys in an encrypted database. It doesn't solve the problem of getting the root CA certificate into the system store or of hosting the revocation list. I use XCA to create and store the root CA. Intermediate CAs signed with it are passed to other issuers like vault and step-issuer.
[1] https://smallstep.com/docs/step-ca/
-
Show HN: Local development with .local domains and HTTPS
We use mkcert for this, it works wonderfully.
-
Implementing TLS in Kubernetes
mkcert: This is used to obtain a trusted TLS certificate with a custom domain name for your development machine. You can install mkcert on your development machine following the official instructions.
-
Easy HTTPS for your private networks
I've been pretty frustrated with how private CAs are supported. Your private root CA can be maliciously used to MITM every domain on the Internet, even though you intend to use it for only a couple domain names. Most people forget to set Name Constraints when they create these and many helper tools lack support [1][2]. Worse, browser support for Name Constraints has been slow [3] and support isn't well tracked [4]. Public CAs give you certificate transparency and you can subscribe to events to detect mis-issuance. Some hosted private CAs like AWS's offer logs [5], but DIY setups don't.
Even still, there are a lot of folks happily using private CAs, they aren't the target audience for this initial release.
[1] https://github.com/FiloSottile/mkcert/issues/302
[2] https://github.com/cert-manager/cert-manager/issues/3655
[3] https://alexsci.com/blog/name-non-constraint/
[4] https://github.com/Netflix/bettertls/issues/19
[5] https://docs.aws.amazon.com/privateca/latest/userguide/secur...
Chocolatey
-
Giving Kyma a little spin ... a SpinKube
Authenticating with Kyma is a (in my opinion) unnecessary challenge as it leverages the OIDC-login plugin for kubectl. You find a description of the setup here. This works fine when on a Mac but can give you some headaches on a Windows and on Linux machine especially when combined with restrictive setups in corporate environments. For Windows I can only recommend installing krew via chocolatey and then install the OIDC plugin via kubectl krew install oidc-login. At least for me that was the only way to get this working on Windows.
-
Effective Neovim Setup. A Beginner’s Guide
On a Windows machine, you can use Chocolatey by running the command.
- PC MHz fluctuating
-
Need Help with getting Haskell onto my Windows Laptop
I've used WSL2 and GHC/Nix--worked without any issues. However, there is Chocolatey: https://chocolatey.org/
-
Python Versions and Release Cycles
For OSX there is homebrew or pyenv (pyenv is another solution on Linux). As pyenv compiles from source it will require setting up XCode (the Apple IDE) tools to support this which can be pretty bulky. Windows users have chocolatey but the issue there is it works off the binaries. That means it won't have the latest security release available since those are source only. Conda is also another solution which can be picked up by Visual Studio Code as available versions of Python making development easier. In the end it might be best to consider using WSL on Windows for installing a Linux version and using that instead.
-
Helm Charts: An Organised Way to Install Apps on a Kubernetes Cluster
Type the following commands on the Windows terminal to install helm. You can use either Scoop a command-line installer for Windows or Chocolatey which is a Package Manager for Windows to install helm.
-
Was für Tools nutzt ihr zum Einrichten und Daten übertragen auf einen neuen PC?
Für Software ninite.com und chocolatey.org
- Criando ambiente de desenvolvimento Java no Windows - sem wsl
-
OpenAI Whisper: Transcribe in the Terminal for free
While you can install it in many ways, the easiest is using a package manager like Homebrew for macOS or chocolatey for Windows.
-
K8S Quickstart & Helm
Package management is not a new concept in the software industry. On Linux distros, you manage software installation and removal with package managers such as YUM/RPM or APT. On Windows, you can use Chocolatey or Homebrew on Mac.
What are some alternatives?
minica - minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
winget-cli - WinGet is the Windows Package Manager. This project includes a CLI (Command Line Interface), PowerShell modules, and a COM (Component Object Model) API (Application Programming Interface).
nginx-docker-ssl-proxy - A docker way to access localhost:8081 from https://local.dev
Scoop - A command-line installer for Windows.
certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Squirrel - An installation and update framework for Windows desktop apps
gosumemory - Cross-Platform memory reader for osu!
Wix Toolset
rustls - A modern TLS library in Rust
HomeBrew - 🍺 The missing package manager for macOS (or Linux)
uvicorn - An ASGI web server, for Python. 🦄
video2x - A lossless video/GIF/image upscaler achieved with waifu2x, Anime4K, SRMD and RealSR. Started in Hack the Valley II, 2018.