How to trust self-signed certificates on macOS

HTTPS and SSL are important for security and it’s great that most browsers require or strongly encourage them to be used. This can be a little tricky, though, when you’re doing local development and you keep getting console errors about localhost not having SSL enabled. If you create a self-signed certificate with something like mkcert then you’re halfway there.

The rest of the battle is getting your web server to use the certificate (which will depend on what kind of server you’re using) and getting your system to trust your certificate.

To make sure your system and browsers (including Chrome, Firefox, Safari, Edge, etc.) will accept your certificate as valid, you can follow these steps:

  1. Open Keychain Access and the All Items category (lower left)
  2. Locate your self-signed certificate file (.pem, .p12, or something else) in Finder
  3. Drag your certificate file from Finder to Keychain Access, in the list on the right
  4. Open Certificates on the very bottom left
  5. Find the certificate you just dragged in and double click it (if there’s a dropdown arrow on the left then just ignore that, we want the top level one)
  6. Click the Trust dropdown arrow then change When using this certificate from System Defaults to Always Trust

Here’s a video that might also be helpful:

Now if you’re running anything on localhost that’s using your self-signed certificate, you can open that in any browser and you should see in the address bar that this is now a trusted site!

Published 4 Sep 2020

Learnings, tutorials, and advice about career, technology, and software development
@rwxdev on Twitter