torbo/flyer-crawler.projectium.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4f06698dfd5e00a80c1c8dfd42bfac49a2371b3c
flyer-crawler.projectium.com/certs
History

README.md

Development SSL Certificates

This directory contains SSL certificates for the development container HTTPS setup.

Files

File Purpose Generated By
localhost.crt SSL certificate for localhost and 127.0.0.1 mkcert (in Dockerfile.dev)
localhost.key Private key for localhost.crt mkcert (in Dockerfile.dev)
mkcert-ca.crt Root CA certificate for trusting mkcert certificates mkcert

Certificate Details

The localhost.crt certificate includes the following Subject Alternative Names (SANs):

  • DNS:localhost
  • IP Address:127.0.0.1
  • IP Address:::1 (IPv6 localhost)

This allows the development server to be accessed via both https://localhost/ and https://127.0.0.1/ without SSL errors.

Installing the CA Certificate (Recommended)

To avoid SSL certificate warnings in your browser, install the mkcert CA certificate on your system.

Windows

  1. Double-click mkcert-ca.crt
  2. Click "Install Certificate..."
  3. Select "Local Machine" > Next
  4. Select "Place all certificates in the following store"
  5. Click Browse > Select "Trusted Root Certification Authorities" > OK
  6. Click Next > Finish
  7. Restart your browser

macOS

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain certs/mkcert-ca.crt

Linux

# Ubuntu/Debian
sudo cp certs/mkcert-ca.crt /usr/local/share/ca-certificates/mkcert-ca.crt
sudo update-ca-certificates

# Fedora/RHEL
sudo cp certs/mkcert-ca.crt /etc/pki/ca-trust/source/anchors/
sudo update-ca-trust

Firefox (All Platforms)

Firefox uses its own certificate store:

  1. Open Firefox Settings
  2. Search for "Certificates"
  3. Click "View Certificates"
  4. Go to "Authorities" tab
  5. Click "Import..."
  6. Select certs/mkcert-ca.crt
  7. Check "Trust this CA to identify websites"
  8. Click OK

After Installation

Once the CA certificate is installed:

  • Your browser will trust all mkcert certificates without warnings
  • Access https://localhost/ with no security warnings
  • Images from https://127.0.0.1/flyer-images/ will load without SSL errors

Regenerating Certificates

If you need to regenerate the certificates (e.g., after rebuilding the container):

# Inside the container
cd /app/certs
mkcert localhost 127.0.0.1 ::1
mv localhost+2.pem localhost.crt
mv localhost+2-key.pem localhost.key
nginx -s reload

# Copy the new CA to the host
podman cp flyer-crawler-dev:/app/certs/mkcert-ca.crt ./certs/mkcert-ca.crt

Then reinstall the CA certificate as described above.

Security Note

DO NOT commit the private key (localhost.key) to version control in production projects. For this development-only project, the certificates are checked in for convenience since they're only used locally with self-signed certificates.

The certificates in this directory are automatically generated by the Dockerfile.dev and should not be used in production.

See Also

Reference in New Issue View Git Blame Copy Permalink