320143a817
v1.4.1 • Use sudo when necessary to install in system-wide NSS stores (#192) • Add a -version flag (#191) • Speed up macOS execution by 4x for most users (#135) • Minor usability improvements (#182, #178, #188) v1.4.0 macOS Catalina compatibility, URL and email SANs, and more macOS 10.15 Catalina introduced certificate lifespan limits which block mkcert certificates. As a temporary measure, mkcert certificates now have a fixed notBefore date of June 1st, 2019. Once the ACME server is implemented, certificate lifespan will be shortened to 3 months. (#174) Certificates generated by previous versions of mkcert after July 1st, 2019 will not work on macOS 10.15 Catalina, and will have to be regenerated. The root CA is unaffected and there is no need to rerun mkcert -install. URL (#166) and email (for S/MIME, #152) SANs are now supported. Client certificates are now created with a -client filename suffix, and they claim the serverAuth EKU as well as the clientAuth one. The certificate subject now includes the full user name, like filippo@Bistromath.local (Filippo Valsorda). SLES, OpenSUSE (#162), Snapcraft (#116), and CentOS 7 (#120) are now supported. Linux release binaries are now fully static, and will work regardless of the system libc. (#169) v1.3.0 New advanced options: • -ecdsa to generate ECDSA private keys • -client to generate client certificates • -csr to sign certificate signing requests • $TRUST_STORES to select what stores to install into Also, in other news: • Add "Firefox Nightly.app" support on macOS • Set the CommonName when generating PKCS#12 files for IIS |
||
---|---|---|
.. | ||
DESCR | ||
distinfo | ||
Makefile | ||
PLIST |