Any alternatives or workaround to avoid importing the CA certificates for internal domains #587
kaushalshriyan
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
$ mkcert -install
Created a new local CA 💥
The local CA is now installed in the system trust store! ⚡️
The local CA is now installed in the Firefox trust store (requires browser restart)! 🦊
$ mkcert "*.internal.example.com"
This ensures that clients trust the CA for internal domain SSL certificates.
By setting up a CA to issue certificates for internal domains, we can ensure secure communication within your network. Make sure to distribute and import the CA certificate into both the system and browser trust stores for seamless operation. This setup enhances security and simplifies certificate management for our internal infrastructure.
Are there any alternatives or options to avoid importing the CA certificates for internal domains into client devices as per the instructions below? Can it be automated etc... or any alternative?
Windows: Follow the steps to import ca.crt into the Trusted Root Certification Authorities store via MMC.
macOS: Use Keychain Access to import ca.crt into the System keychain.
Linux: Place ca.crt in the appropriate directory and update the CA certificates (e.g., /usr/local/share/ca-certificates/ and sudo update-ca-certificates for Debian/Ubuntu).
Please guide.
Best Regards,
Kaushal
Beta Was this translation helpful? Give feedback.
All reactions