Skip to content

Commit a1e5706

Browse files
tayloraswifttayloraswift
committed
add guide for using mkcert
1 parent a97e6a6 commit a1e5706

File tree

2 files changed

+43
-0
lines changed

2 files changed

+43
-0
lines changed

Guides/GeneratingCertificates.md

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
# Generating TLS certificates
2+
3+
To simplify the implementation and facilitate testing, Unidoc uses TLS (HTTPS) everywhere, even when running locally.
4+
5+
For a seamless development experience, we recommend using [mkcert](https://github.com/FiloSottile/mkcert) to generate a local certificate authority (CA) for your development environment.
6+
7+
## Installing mkcert
8+
9+
The easiest way to install `mkcert` is to download one of its prebuilt binaries.
10+
11+
```bash
12+
$ curl -JLO "https://dl.filippo.io/mkcert/latest?for=linux/amd64"
13+
chmod +x mkcert-v*-linux-amd64
14+
```
15+
16+
## Generating a local certificate authority
17+
18+
```bash
19+
$ ./mkcert-v1.4.4-linux-amd64 -install
20+
``````
21+
22+
## Generating a local certificate
23+
24+
If the `mkcert-v1.4.4-linux-amd64` binary is located in your home directory, you can generate a certificate for `localhost` by running the following from the repository root:
25+
26+
```bash
27+
$ cd TestCertificates
28+
$ ~/mkcert-v1.4.4-linux-amd64 localhost
29+
30+
```
31+
32+
Then, rename the generated files to `fullchain.pem` and `privkey.pem`.
33+
34+
```bash
35+
$ mv localhost.pem fullchain.pem
36+
$ mv localhost-key.pem privkey.pem
37+
```
38+
39+
You should now be able to run the Unidoc server locally and access it without browser warnings.
40+
41+
Keep in mind that the certificate is only valid for `localhost`; hostnames like `0.0.0.0` will still raise browser warnings.

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,8 @@ Unidoc is tightly-integrated with Swiftinit, but you can run it locally to previ
104104

105105
Unidoc uses [MongoDB](https://www.mongodb.com/) to persist documentation. This allows for fast startup times as Unidoc performs almost no initialization, but requires you to have an active MongoDB replica set running on your local machine. See [`Testing.md`](Guides/Testing.md) for instructions on setting up a local environment.
106106

107+
Unidoc uses HTTPS everywhere. See [`GeneratingCertificates.md`](Guides/GeneratingCertificates.md) for how to generate a local and certificate and certificate authority for `localhost`.
108+
107109
TODO: Add example for running the Unidoc server locally.
108110

109111
TODO: Add example for invoking the Unidoc compiler.

0 commit comments

Comments
 (0)