mkcert Rules

Zero-config tool for locally-trusted HTTPS certificates. Create valid TLS certs for development without browser warnings.

3 rules

View Commands

mkcert CA Key Security Policy

Beginner

Enforce security policies for mkcert CA keys — never commit, never share, never mount in containers, and proper file permissions for the root CA private key.

globs: **/.gitignore, **/docker-compose*.yml, **/certs/**

ca-key-security, certificate-safety, gitignore, secret-protection

View Rule

Local Certificate Generation Standards

Beginner

Enforce standards for mkcert certificate generation — domain naming, file naming conventions, directory structure, and required SAN entries for consistent team development.

globs: **/certs/**, **/scripts/setup-certs*, **/.gitignore

certificate-standards, san-entries, file-naming, domain-conventions

View Rule

Local DNS and Hosts File Standards

Beginner

Enforce standards for managing /etc/hosts entries alongside mkcert certificates — consistent domain naming, cleanup procedures, and alternative DNS solutions for local development.

globs: **/scripts/setup-hosts*, **/Makefile, **/README*

hosts-file, local-dns, domain-management, development-setup

View Rule