Configuring Browsers for DDEV projects¶

Most DDEV users can ignore this page. The standard instructions in DDEV Installation do everything that is needed. These instructions are for unusual browsers or OS environments.

DDEV generates SSL certificates to enable local projects to use the HTTPS protocol. It uses a custom root Certificate Authority (CA) to generate SSL certificates for *.ddev.site domains.

However, since this is a custom CA, web browsers display an ERR_CERT_AUTHORITY_INVALID warning when trying to access a local DDEV site over HTTPS.

To eliminate this warning, you can install the custom root CA into your browser.

For default browsers, this works automatically using the mkcert utility.

For custom browsers (such as Firefox Developer Edition, Vivaldi, etc.), manual steps may be required.

Want to learn more about HTTPS in DDEV?

See Hostnames and Wildcards and DDEV, Oh My! for more information on DDEV hostname resolution.

Adding the DDEV Root Certificate Authority to Browsers¶

The steps to install the root CA depend on the browser, but they generally follow this process:

Use mkcert -CAROOT to locate the directory with the generated root certificate. Inside, you should find a rootCA.pem file. If it’s missing, run mkcert -install command.
Open your browser and navigate to the preferences or settings.
Find the Certificate Manager, typically located in the “Security” section of the preferences.
Click the “View Certificates” button.
Go to the “Authorities” tab.
Click the “Import” button to add a custom authority certificate.
Import the rootCA.pem file to install the root certificate authority.

Still having issues?

Check out this specific mkcert thread for additional troubleshooting.