mkcertWeb: A Secure Web UI for Managing Local Development SSL Certificates
Summary
mkcertWeb provides a modern and secure web interface for managing SSL certificates using the mkcert CLI tool. It simplifies the generation, download, and management of locally trusted development certificates, offering enterprise-grade security features and an intuitive user experience. This project is ideal for developers and teams needing efficient certificate handling for various environments.
Repository Info
Tags
Click on any tag to explore related repositories
Introduction
mkcertWeb is an open-source project that brings a user-friendly web interface to the powerful mkcert command-line tool. Designed for developers, it streamlines the process of creating and managing locally trusted SSL certificates for development environments across Linux, macOS, and Windows. With features like multi-domain certificate generation, SCEP service, and robust security, mkcertWeb transforms certificate management from a command-line task into an accessible web operation.
Installation
Getting mkcertWeb up and running is straightforward, especially with Docker.
Using Docker (Recommended)
# Clone the repository and start with docker-compose
git clone https://github.com/jeffcaldwellca/mkcertWeb.git
cd mkcertWeb
docker-compose up -d
# Access the application
# Open your browser to http://localhost:3000
For more detailed Docker setup instructions, refer to the official DOCKER.md file in the repository.
Local Installation
If you prefer a local setup, ensure you have Node.js 16+, mkcert, and OpenSSL installed.
# Install dependencies
npm install
# Install mkcert's local CA (first time only)
mkcert -install
# Start the application
npm start
Examples
Once mkcertWeb is running, you can access its features via the web interface or its API.
Web Interface Usage:
- Navigate to
http://localhost:3000in your browser. - Log in using the configured credentials (default: admin/admin).
- Enter your desired domains or IP addresses (one per line).
- Select the certificate format (PEM, CRT, or PFX) and generate.
- Download your new certificates or manage existing ones.
API Example (Generate Certificate):
You can also interact with mkcertWeb programmatically. Here's an example using curl to generate a certificate:
curl -X POST http://localhost:3000/api/generate \
-H "Content-Type: application/json" \
-d '{"domains":["localhost","127.0.0.1"],"format":"pem"}'
Why Use
mkcertWeb offers significant advantages for anyone dealing with local development SSL certificates:
- Ease of Use: A modern, responsive web UI simplifies complex
mkcertoperations. - Enhanced Security: Features like command injection protection, path traversal prevention, input sanitization, and multi-tier rate limiting ensure a secure environment.
- Comprehensive Features: Generate certificates for multiple domains, support SCEP for automatic device enrollment, and receive email notifications for expiring certificates.
- Flexible Authentication: Integrates with Basic Auth and OpenID Connect SSO.
- Docker Ready: Quick deployment and consistent environments with Docker.
- Monitoring: Automatic certificate monitoring with configurable warning periods helps prevent unexpected expirations.
Links
- GitHub Repository: https://github.com/jeffcaldwellca/mkcertWeb
- Docker Hub: https://hub.docker.com/r/jeffcaldwellca/mkcertweb
- Detailed Docker Instructions: DOCKER.md
- SCEP Configuration: SCEP.md