Skip to content
Ultimate zero-config tool to create Private Certificate Authority & issue locally-trusted development server certificates with any domain names you'd like.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.



Issue localhost development server certificates signed by own Private Certificate Authority in no time.

Use !pric only for development on local hosts. For public hosts consider using Let's Encrypt!


Self-signed certificates cause trust errors and issuing locally-trusted development certificates signed by a real Certificate Authority (CA) can be dangerous or even impossible for the hosts like or localhost.

!pric automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates.


Download !pric sources via browser and unzip file.

In unzipped directory execute terminal command:

$ sh

This command will:

  1. Generate Certificate Authority private key in /usr/local/share/ca-certificates/!pric/ca.key
  2. Generate Certificate Authority self-signed certificate in /usr/local/share/ca-certificates/!pric/ca.crt
  3. Generate localhost private key in ./output/localhost.key
  4. Generate localhost certificate signing request in ./output/localhost.csr
  5. Generate localhost certificate signed by Certificate Authority in ./output/localhost.crt
  6. Compile PEM file in ~/localhost-certificate.pem (required for Reverse proxy for PHP built-in server)

Terminal output:

!pric output

Import Certificate Authority to browser


  1. Go to about:preferences in address bar.
  2. Search for Certificates and click View Cerficicates button.
  3. In Authorities tab click Import and choose /usr/local/share/ca-certificates/!pric/ca.crt certificate.

!pric Certificate Authority will be added to the list.

Chromium (Chrome)

  1. Go to chrome://settings/certificates in address bar.
  2. In Authorities tab click Import and choose /usr/local/share/ca-certificates/!pric/ca.crt certificate.

org-!pric Certificate Authority will be added to the list.


By default !pric creates certificate for the following domain names:

  • localhost
  • test.localhost
  • *.test.localhost (wildcard)

This list could be changed in ./openssl.dns.cnf file (!pric creates missing config file on start).

Verify Certificate Working

Run web development server on 4000 port and try to access it via cURL:

$ curl -v https://localhost:4000

* Rebuilt URL to: https://localhost:4000/
*   Trying
* Connected to localhost ( port 4000 (#0)
* found 150 certificates in /etc/ssl/certs/ca-certificates.crt
* found 602 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: localhost (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: O=!pric,CN=localhost
* 	 start date: Mon, 21 Oct 2019 00:11:45 GMT
* 	 expire date: Wed, 27 Sep 2119 00:11:45 GMT
* 	 issuer: O=!pric,CN=localhost
* 	 compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: localhost:4000
> User-Agent: curl/7.47.0
> Accept: */*



You can’t perform that action at this time.