Laragon HTTPS Certs from a CA

  • | 617 points


    I have a feature request regarding how Laragon handles the creation of the certificates for apache/nginx SSL, as I've already saw, that Laragon re-issues the certificate for each newly created domain as an extra DNS name, that's good so far, then Laragon will add this certificate to windows Certificate trust store, here arises the problem when using Firefox, Firefox newly don't trust certificates from Windows Cert Store, and it needed to be enabled manually from about:config by setting the flag "security.enterprise_roots.enabled" to true, and this sadly still somehow buggy.
    Chrome, however, handles this properly as it always read from the Windows cert store at first, then all Laragon links will be trusted without a warning.

    So from that perspective, wouldn't it make more sense if Larargon creates its own CA, add it to the windows trust store, this way we leverage the addition of new certificate every time to windows, and Firefox can trust this once and forever for future certs created from Laragon.

    What do you think?

  • administrators
    | 131225 points

    @DonMcCoy : Many thanks for your information. I will consider it.

  • | 617 points

    You're so welcome, and many thanks for the effort in creating it, I would've gladly made these changes myself if Laragon was open source, It would be awesome if you consider open sourcing it, being purely for the community and beating by far the other proprietary software.

Log in to reply

Looks like your connection to Laragon was lost, please wait while we try to reconnect.