lego/e2e/fixtures/certs/README.md
Ludovic Fernandez 3cefc7a51b
chore: fix grammar and typo (#1978)
Co-authored-by: Dominik Menke <git@dmke.org>
2023-07-29 12:59:24 +02:00

24 lines
1 KiB
Markdown

# certs/
This directory contains a CA certificate (`pebble.minica.pem`) and a private key
(`pebble.minica.key.pem`) that are used to issue an end-entity certificate (See
`certs/localhost`) for the Pebble HTTPS server.
To get your **testing code** to use Pebble without HTTPS errors you should
configure your ACME client to trust the `pebble.minica.pem` CA certificate. Your
ACME client should offer a runtime option to specify a list of root CAs that you
can configure to include the `pebble.minica.pem` file.
**Do not** add this CA certificate to the system trust store or in production
code!!! The CA's private key is **public** and anyone can use it to issue
certificates that will be trusted by a system with the Pebble CA in the trust
store.
To re-create all certificates used by Pebble, run:
minica -ca-cert pebble.minica.pem \
-ca-key pebble.minica.key.pem \
-domains localhost,pebble \
-ip-addresses 127.0.0.1
From the `test/certs/` directory after [installing MiniCA](https://github.com/jsha/minica#installation)