Created
September 30, 2025 06:46
-
-
Save ziyan-junaideen/a2674aa8b5ae229fd5c3e82e6cf78205 to your computer and use it in GitHub Desktop.
Managing mkcert Root Certificates on macOS: A Simple Script for Project-Specific Setups
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # mkcert-config: Manage mkcert root CA files | |
| # Usage: | |
| # mkcert-config default | |
| # mkcert-config setup -root <path> -key <path> | |
| # mkcert-config reset | |
| # mkcert-config restore | |
| set -e | |
| CAROOT=$(mkcert -CAROOT) | |
| ROOT_CA="$CAROOT/rootCA.pem" | |
| ROOT_KEY="$CAROOT/rootCA-key.pem" | |
| BACKUP_SUFFIX=".default" | |
| function error() { | |
| echo "Error: $1" >&2 | |
| exit 1 | |
| } | |
| case "$1" in | |
| default) | |
| # Backup current mkcert root CA files | |
| for file in "$ROOT_CA" "$ROOT_KEY"; do | |
| if [ -f "$file$BACKUP_SUFFIX" ]; then | |
| error "Backup $file$BACKUP_SUFFIX already exists. Aborting." | |
| fi | |
| if [ -f "$file" ]; then | |
| cp "$file" "$file$BACKUP_SUFFIX" | |
| echo "Backed up $file to $file$BACKUP_SUFFIX" | |
| else | |
| echo "Warning: $file not found, skipping backup." | |
| fi | |
| done | |
| ;; | |
| setup) | |
| # Replace current root/key with provided files | |
| while [[ $# -gt 0 ]]; do | |
| case "$2" in | |
| -root) | |
| ROOT_PATH="$3" | |
| shift 2 | |
| ;; | |
| -key) | |
| KEY_PATH="$3" | |
| shift 2 | |
| ;; | |
| *) | |
| shift | |
| ;; | |
| esac | |
| done | |
| [ -z "$ROOT_PATH" ] && error "Missing -root <path> argument." | |
| [ -z "$KEY_PATH" ] && error "Missing -key <path> argument." | |
| for file in "$ROOT_CA" "$ROOT_KEY"; do | |
| if [ -f "$file" ]; then | |
| mv "$file" "$file.tmp" | |
| fi | |
| done | |
| cp "$ROOT_PATH" "$ROOT_CA" | |
| cp "$KEY_PATH" "$ROOT_KEY" | |
| for file in "$ROOT_CA" "$ROOT_KEY"; do | |
| if [ -f "$file.tmp" ]; then | |
| rm "$file.tmp" | |
| fi | |
| done | |
| echo "Replaced $ROOT_CA and $ROOT_KEY with provided files." | |
| ;; | |
| reset) | |
| # Restore backed up mkcert root CA files (move backup to original) | |
| for file in "$ROOT_CA" "$ROOT_KEY"; do | |
| if [ ! -f "$file$BACKUP_SUFFIX" ]; then | |
| error "Backup $file$BACKUP_SUFFIX does not exist. Aborting." | |
| fi | |
| mv "$file$BACKUP_SUFFIX" "$file" | |
| echo "Restored $file from $file$BACKUP_SUFFIX" | |
| done | |
| ;; | |
| restore) | |
| # Remove existing certs and copy default backup | |
| for file in "$ROOT_CA" "$ROOT_KEY"; do | |
| if [ -f "$file" ]; then | |
| rm "$file" | |
| fi | |
| if [ ! -f "$file$BACKUP_SUFFIX" ]; then | |
| error "Backup $file$BACKUP_SUFFIX does not exist. Aborting." | |
| fi | |
| cp "$file$BACKUP_SUFFIX" "$file" | |
| echo "Restored $file from $file$BACKUP_SUFFIX" | |
| done | |
| ;; | |
| *) | |
| echo "Usage: $0 default | setup -root <path> -key <path> | reset" | |
| exit 1 | |
| ;; | |
| esac |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment