Caddy local CA
Firefox does not recognize Caddy's local Certificate Authority by default.
When running Caddy locally, it will also generate its own local Certificate Authority (CA). Caddy will use this CA to sign certificates for local HTTPS.
This is pretty cool! But Caddy’s local HTTPS does not work in Firefox by default. When running Caddy on localhost
, Firefox will show the error code SEC_ERROR_UNKNOWN_ISSUER
when visiting https://localhost
(other browsers like Safari don’t have this issue).
Turns out that Firefox does not recognize Caddy’s local CA by default. And you have to manually import Caddy’s local root certificate into Firefox.
How to import Caddy’s local root certificate into Firefox?
-
Open Firefox and go to
about:preferences#privacy
. -
Scroll down to the
Security > Certificates
section, and clickView Certificates
.
- Select the
Authorities
tab, and clickImport
.
- Find Caddy’s local root certificate in its data directory, and open it. On a Mac it’s located at
~/Library/Application\ Support/Caddy/pki/authorities/local/root.crt
.
- Check the
Trust this CA to identify websites
checkbox, and clickOK
.
- The
Caddy Local Authority
should now be listed in theAuthorities
tab.
- Restart Firefox, and accessing localhost over HTTPS will now work!