starred/mkcert
1
0
Fork 0
mirror of https://github.com/FiloSottile/mkcert.git synced 2026-04-25 05:26:03 +03:00
Code Issues 165 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #429] is it safe to install a certificate generated by mkcert from other people? #283

New issue
Closed
opened 2026-02-25 22:33:01 +03:00 by kerem · 2 comments
kerem commented 2026-02-25 22:33:01 +03:00
Owner
Copy link

Originally created by @dfang on GitHub (Feb 24, 2022).
Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/429

what if i install a certificate generated by mkcert to my mac from xyz.com and trusted it? is it safe? can he (the man who generated the certificate) decrypt what i searched on https://www.google.com or what i bought on https://amazon.com?

Originally created by @dfang on GitHub (Feb 24, 2022). Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/429 what if i install a certificate generated by mkcert to my mac from xyz.com and trusted it? is it safe? can he (the man who generated the certificate) decrypt what i searched on https://www.google.com or what i bought on https://amazon.com?
kerem closed this issue 2026-02-25 22:33:01 +03:00
kerem commented 2026-02-25 22:33:01 +03:00
Author
Owner
Copy link

@FiloSottile commented on GitHub (Feb 24, 2022):

It is not safe to install a root generated by mkcert (this process). That will indeed allow them to intercept connections to any site.

Installing a specific site certificate (that generated by mkcert example.com for example) will only allow intercepting connections to that specific site.

<!-- gh-comment-id:1049983281 --> @FiloSottile commented on GitHub (Feb 24, 2022): It is not safe to install a _root_ generated by mkcert ([this process](https://github.com/FiloSottile/mkcert#installing-the-ca-on-other-systems)). That will indeed allow them to intercept connections to any site. Installing a specific site certificate (that generated by `mkcert example.com` for example) will only allow intercepting connections to that specific site.
kerem commented 2026-02-25 22:33:01 +03:00
Author
Owner
Copy link

@dfang commented on GitHub (Feb 25, 2022):

very clear, thanks !

<!-- gh-comment-id:1050862832 --> @dfang commented on GitHub (Feb 25, 2022): very clear, thanks !
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.0
v1.2.0
v1.1.2
v1.1.1
v1.1.0
v1.0.1
v1.0.0
v0.9.1
v0.9.0
Labels
Clear labels   
TLS stack issue

   
Windows

   
bug

   
duplicate

   
duplicate

   
enhancement

   
help wanted

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
root store

   
waiting for info
No labels
TLS stack issue
Windows
bug
duplicate
duplicate
enhancement
help wanted
help wanted
pull-request
question
question
root store
waiting for info
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/mkcert#283
No description provided.