← all formulae

mkcert

brew install mkcert v1.4.4 BSD-3-Clause

Go tool to generate locally-trusted TLS certificates for development without manual CA management.

Why you might care

Eliminates trust warnings in browsers during local HTTPS development by automatically installing a local CA and generating valid certificates for localhost, private domains, and IP addresses. Single command replaces complex openssl workflows; browsers and system trust stores recognize certs immediately.

Categories

cli-tool security tls development

Alternatives

openssl certbot cfssl

16.2k

30-day installs · #267

54.7k

90-day · #261

732.2k

365-day · #89

59.1k

★ GitHub stars · updated 1y ago

Build dependencies

go

GitHub topics

certificates chrome firefox https ios linux local-development localhost macos root-ca tls windows

Links

https://github.com/FiloSottile/mkcert
GitHub: FiloSottile/mkcert
Brew formula source: Formula/m/mkcert.rb

Blurb generated by claude-haiku-4-5 on today.

Raw metadata

{
  "aliases": [],
  "alternatives": [
    "openssl",
    "certbot",
    "cfssl"
  ],
  "build_dependencies": [
    "go"
  ],
  "categories": [
    "cli-tool",
    "security",
    "tls",
    "development"
  ],
  "caveats": null,
  "conflicts_with": [],
  "dependencies": [],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Simple tool to make locally trusted development certificates",
  "disable_reason": null,
  "disabled": 0,
  "enrichment_fetched_at": "2026-06-20T23:40:46+00:00",
  "first_seen": "2026-06-20T23:34:18+00:00",
  "full_name": "mkcert",
  "github_default_branch": "master",
  "github_last_commit_at": "2024-08-13T13:37:46Z",
  "github_readme_excerpt": "# mkcert\n\nmkcert is a simple tool for making locally-trusted development certificates. It requires no configuration.\n\n```\n$ mkcert -install\nCreated a new local CA \ud83d\udca5\nThe local CA is now installed in the system trust store! \u26a1\ufe0f\nThe local CA is now installed in the Firefox trust store (requires browser restart)! \ud83e\udd8a\n\n$ mkcert example.com \"*.example.com\" example.test localhost 127.0.0.1 ::1\n\nCreated a new certificate valid for the following names \ud83d\udcdc\n - \"example.com\"\n - \"*.example.com\"\n - \"example.test\"\n - \"localhost\"\n - \"127.0.0.1\"\n - \"::1\"\n\nThe certificate is at \"./example.com+5.pem\" and the key at \"./example.com+5-key.pem\" \u2705\n```\n\n\u003cp align=\"center\"\u003e\u003cimg width=\"498\" alt=\"Chrome and Firefox screenshot\" src=\"https://user-images.githubusercontent.com/1225294/51066373-96d4aa80-15be-11e9-91e2-f4e44a3a4458.png\"\u003e\u003c/p\u003e\n\nUsing certificates from real certificate authorities (CAs) for development can be dangerous or impossible (for hosts like `example.test`, `localhost` or `127.0.0.1`), but self-signed certificates cause trust errors. Managing your own CA is the best solution, but usually involves arcane commands, specialized knowledge and manual steps.\n\nmkcert automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates. mkcert does not automatically configure servers to use the certificates, though, that\u0027s up to you.\n\n## Installation\n\n\u003e **Warning**: the `rootCA-key.pem` file that mkcert automatically generates gives complete power to intercept secure requests from your machine. Do not share it.\n\n### macOS\n\nOn macOS, use [Homebrew](https://brew.sh/)\n\n```\nbrew install mkcert\nbrew install nss # if you use Firefox\n```\n\nor [MacPorts](https://www.macports.org/).\n\n```\nsudo port selfupdate\nsudo port install mkcert\nsudo port install nss # if you use Firefox\n```\n\n### Linux\n\nOn Linux, first install `certutil`.\n\n```\nsudo apt install libnss3-tools\n    -or-\nsudo yum install nss-tools\n    -or-\nsudo pacman -S nss\n    -or-\nsudo zypper install mozi",
  "github_repo": "FiloSottile/mkcert",
  "github_stars": 59118,
  "github_topics": [
    "certificates",
    "chrome",
    "firefox",
    "https",
    "ios",
    "linux",
    "local-development",
    "localhost",
    "macos",
    "root-ca",
    "tls",
    "windows"
  ],
  "homepage": "https://github.com/FiloSottile/mkcert",
  "homepage_og_description": null,
  "homepage_og_image": null,
  "homepage_title": null,
  "installs_30d": 16183,
  "installs_365d": 732197,
  "installs_90d": 54681,
  "keg_only": 0,
  "keg_only_reason": null,
  "last_seen": "2026-06-20T23:34:18+00:00",
  "license": "BSD-3-Clause",
  "llm_generated_at": "2026-06-20T23:43:48+00:00",
  "llm_model": "claude-haiku-4-5",
  "name": "mkcert",
  "oldnames": [],
  "one_liner": "Go tool to generate locally-trusted TLS certificates for development without manual CA management.",
  "optional_dependencies": [],
  "rank_30d": 267,
  "rank_365d": 89,
  "rank_90d": 261,
  "raw_hash": "2de36eec62059b5b",
  "recommended_dependencies": [],
  "revision": 0,
  "ruby_source_path": "Formula/m/mkcert.rb",
  "tap": "homebrew/core",
  "test_dependencies": [],
  "uses_from_macos": [],
  "version_head": "HEAD",
  "version_stable": "1.4.4",
  "versioned_formulae": [],
  "why_use_this": "Eliminates trust warnings in browsers during local HTTPS development by automatically installing a local CA and generating valid certificates for localhost, private domains, and IP addresses. Single command replaces complex openssl workflows; browsers and system trust stores recognize certs immediately."
}