lego/e2e/fixtures/certs/README.md
Ludovic Fernandez 3cefc7a51b
chore: fix grammar and typo (#1978)
Co-authored-by: Dominik Menke <git@dmke.org>
2023-07-29 12:59:24 +02:00

1 KiB

certs/

This directory contains a CA certificate (pebble.minica.pem) and a private key (pebble.minica.key.pem) that are used to issue an end-entity certificate (See certs/localhost) for the Pebble HTTPS server.

To get your testing code to use Pebble without HTTPS errors you should configure your ACME client to trust the pebble.minica.pem CA certificate. Your ACME client should offer a runtime option to specify a list of root CAs that you can configure to include the pebble.minica.pem file.

Do not add this CA certificate to the system trust store or in production code!!! The CA's private key is public and anyone can use it to issue certificates that will be trusted by a system with the Pebble CA in the trust store.

To re-create all certificates used by Pebble, run:

minica -ca-cert pebble.minica.pem \
       -ca-key pebble.minica.key.pem \
       -domains localhost,pebble \
       -ip-addresses 127.0.0.1

From the test/certs/ directory after installing MiniCA