VVV logo VVV

Once the main authority certificate is trusted by your operating system or browser, all certificates VVV generates will always be trusted. The details of how to do this will depend on your platform, but to do so you will need to know where the certificate is located.

You can find the central certificate in certificates/ca/ca.crt. There are some caveats though:

Trusting the VVV Root Certificate On MacOS / OS X

The certificate can also be added via a terminal command from inside the VVV folder:

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain certificates/ca/ca.crt

Trusting the VVV Root Certificate in Firefox

Firefox uses its own root certificate list, to access it:

Trusting the VVV Root Certificate on Windows 10

To do this via a command line with admin priviledges, run this command in the VVV folder:

certutil -enterprise -f -v -AddStore "Root" "certificates/ca/ca.crt"

To do it via the user interface:

Trusting the VVV Root Certificate on iOS

You will need to place the authority somewhere mobile Safari can access. Make sure nobody can see this as it could be a security risk, and remove the file once installed.

Be mindful that doing this from an app such as Microsoft OneDrive or Google Drive may not work.

You can verify the certificate is installed by going to Settings->General->Profiles. This option will only appear if profiles are installed, if it’s missing then the operation was unsuccessful.

Trusting the VVV Root Certificate on Android

Note that this is possible on Android 4-7, earlier versions require a rooted device;

System-installed certificates can be managed on the Android device in the Settings -> Security -> Certificates -> ‘System’-section, whereas the user trusted certificates are managed in the ‘User’-section there. When using user trusted certificates, Android will force the user of the Android device to implement additional safety measures: the use of a PIN-code, a pattern-lock or a password to unlock the device are mandatory when user-supplied certificates are used.

Android 8/N and later require changes to an app manifest, greatly limiting the use cases. Here’s an extract from the Charles Proxy website:

As of Android N, you need to add configuration to your app in order to have it trust the SSL certificates generated by Charles SSL Proxying. This means that you can only use SSL Proxying with apps that you control.

In order to configure your app to trust Charles, you need to add a Network Security Configuration File to your app. This file can override the system default, enabling your app to trust user installed CA certificates (e.g. the Charles Root Certificate). You can specify that this only applies in debug builds of your application so that production builds use the default trust profile.

Trusting the VVV Root Certificate on Other Operating Systems

If you are running a different operating system than the ones listed above then you will need to find the instructions. Installing a Root Certificate is not specific to VVV, it is a system operation.

This means you should be able to find a guide by searching for something like “<your operating system> install root certificate”

If you can’t find instructions via Google, try checking instructions specific to your browser. A lot of browsers have their own list of authorities you can add to and their own certificate managers.

There are more instructions on the CACert wiki here.