BestHub
Sign in
Backend Development 8 min read

Using mkcert to Quickly Generate Trusted Local SSL/TLS Certificates

This article introduces the open‑source tool mkcert, explains its features, shows how to install it on various operating systems, generate multi‑domain certificates, and configure Nginx for HTTPS, while also noting additional community resources and promotional offers.

Top Architect
Top Architect
Top Architect
Using mkcert to Quickly Generate Trusted Local SSL/TLS Certificates

Configuring HTTPS in a local development environment can be cumbersome; this guide presents mkcert, a free open‑source utility that streamlines the creation of trusted local SSL/TLS certificates.

What is mkcert?

mkcert, developed by Filippo Valsorda, automatically generates and installs locally trusted certificates across multiple operating systems, simplifying HTTPS setup for developers.

mkcert’s Open‑Source Achievements

With a simple and efficient design, mkcert has earned over 49.2K stars on GitHub, making it a popular choice for both novice web developers and seasoned backend engineers.

Key Features

1. Zero‑configuration, time‑saving

After installation, a few commands generate and trust a local certificate, eliminating the manual steps of traditional SSL creation.

2. Supports multiple domains and IP addresses

mkcert can create certificates for localhost, custom domains, and specific IP addresses, catering to diverse testing scenarios.

3. Cross‑platform support

It runs on Linux, macOS, and Windows, ensuring seamless usage across major development environments.

4. Advanced capabilities

Beyond basic certificates, mkcert can produce client authentication certificates, ECDSA keys, PKCS#12 files, and more for complex security needs.

Installation and Usage Tutorial

1. Install mkcert

Download the pre‑compiled binary for your OS from the mkcert GitHub page.

Run the following command to install the local CA:

mkcert install

On macOS you can also use Homebrew:

brew install mkcert
brew install nss # if you use Firefox

2. Generate certificates

To create a certificate for your project, execute:

mkcert example.com localhost 127.0.0.1

This command produces two files: example.com+1.pem (the certificate) and example.com+1-key.pem (the private key), which can be used in your server configuration.

3. Configure Nginx

After generating the files, add them to your Nginx server block:

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /path/to/example.com+1.pem;  # certificate file
    ssl_certificate_key /path/to/example.com+1-key.pem;  # private key file

    # other configuration...
}

Reload or restart Nginx, and your local site will be accessible securely via HTTPS.

Conclusion

mkcert makes SSL certificate generation and management straightforward, greatly improving efficiency for developers testing HTTPS locally while ensuring security.

The article also includes promotional material for ChatGPT services, a paid community group, and various offers unrelated to the technical tutorial.

nginxHTTPSSSLLocal Developmentmkcertcertificate generation
Top Architect
Written by

Top Architect

Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment