Introducing ssl-gen a CLI utility for generating self-signed certificates for macOS

November 14, 2020

Today I created a small CLI utility called ssl-gen. When developing sites or APIs locally, having a trusted SSL certificate locally is always difficult. I can never remember all the parameters, and usually write some horrid bash script. To solve this problem I've created ssl-gen. It will generate your certificate and add it to Keychain so that it is registered as a trusted certificate (getting around those annoying invalid cert errors in your browser!).

You can view it on GitHub here: https://github.com/ashsmith/ssl-gen

Installation is with Homebrew:

brew tap ashsmith/ssl-gen
brew install ssl-gen

Then, to use it you provide your desired certificate name followed by the domains you wish to be on the certificate. The first domain will be the used as the common name.

# ssl-gen new [cert-name] [domains...]
ssl-gen new ashs-awesome-cert ashsmith.test www.ashsmith.test someothersite.test

This will generate ashs-awesome-cert.crt and ashs-awesome-cert.key. These can be used on your webserver such as nginx or apache to serve your local development site on HTTPS.

ssl-gen new also accepts -o / --output which allows you to specify where the certificate will be saved:

ssl-gen new ashs-cert ashsmith.test -o ~/.certs

Now your certificate will be saved to: ~/.certs/ashs-cert.crt.

Happy hacking.