What is the 'cacert.pem' and for what to use that?

I am developing a web application on localhost with domains and sub-domains and I would like to use a HTTPS connection. On my Mac OS, in order to enable SSL, I need to set Apache correctly, so I followed some guide to accomplish part of that.

Now it is time to choose a certificate in order to test HTTPS requests. I seen the cacert.pem, but I don't know how to use that and for what it is used (can you explain to me some about its usage?)...

So, is it possible to use the cacert.pem (see the link) for all my domains and subdomains (maybe, as a wildcard certificate) on localhost?

  • If so, how to do that? What certificate I have to take and use?

  • If no, what I need to do in order to use a wildcard certificate for all my domains and subdomains on localhost?

Of course those certificates must be accepted by browsers and working for HTTPS connection between my domains.


cacert.pem is a collection of trusted root certification authorities. You can't use these to secure your own site. There are a number of reasons, but mainly: you don't have the matching private key.

You site certificate contains a public key that is used by the client to encrypt messages to your server that can only be decrypted by the matching private key.

Your question suggests a lack of understanding of public key cyptography. Granted, you can get a lot done without it, but it helps to read up on the basics:

  • http://en.wikipedia.org/wiki/Public_key_infrastructure
  • And from there, some great finger-puppet guides: http://www.carillon.ca/tutorials.php

To correctly generate the keys and certificates you need, this guide is useful, and specific to Apple/Apache/mod_ssl: http://developer.apple.com/internet/serverside/modssl.html