Varying Vagrant Vagrants logo Varying Vagrant Vagrants

Once the main authority certificate is trusted by your operating system or browser, all certificates VVV generates will always be trusted. The details of how to do this will depend on your platform, but to do so you will need to know where the certificate is located.

You can find the central certificate in certificates/ca/ca.crt. There are some caveats though:

Trusting The VVV Root Certificate On MacOS / OS X

Trusting the VVV Root Certificate in Firefox

Firefox uses its own root certificate list, to access it:

Trusting the VVV Root Certificate on Windows 10

Trusting the VVV Root Certificate on iOS

You will need to place the authority somewhere mobile safari can access. Make sure nobody see this as it could be a security risk, and remove the file once installed.

Be mindful that doing this from an app such as one drive or google drive may not work.

You can verify the certificate is installed by going to Settings->General->Profiles. This option will only appear if profiles are installed, if it’s missing then the operation was unsuccesful.

Trusting the VVV Root Certificate on Android

Note that this is possible on Android 4-7, earlier versions require a rooted device;

System-installed certificates can be managed on the Android device in the Settings -> Security -> Certificates -> ‘System’-section, whereas the user trusted certificates are manged in the ‘User’-section there. When using user trusted certificates, Android will force the user of the Android device to implement additional safety measures: the use of a PIN-code, a pattern-lock or a password to unlock the device are mandatory when user-supplied certificates are used.

Android 8/N and later require changes to an app manifest, greatly limiting the use cases, here’s an extract from the charles proxy website:

As of Android N, you need to add configuration to your app in order to have it trust the SSL certificates generated by Charles SSL Proxying. This means that you can only use SSL Proxying with apps that you control.

In order to configure your app to trust Charles, you need to add a Network Security Configuration File to your app. This file can override the system default, enabling your app to trust user installed CA certificates (e.g. the Charles Root Certificate). You can specify that this only applies in debug builds of your application, so that production builds use the default trust profile.

Trusting the VVV Root Certificate on Other Operating Systems

There’s a wide variety of operating systems out there, and we can’t cover them all. If you can’t find instructions via Google, try checking instructions specific to your browser, a lot of browsers have their own list of authorities you can add to, and their own certificate managers.

There are more instructions on the CACert wiki here,