HTTPS & trusted certs
Butler can serve any site over HTTPS with a certificate your browser actually trusts — no red padlock, no “your connection is not private” warning. It does this with its own certificate authority (CA) that’s installed into your Mac’s keychain during setup.
Secure a site
Section titled “Secure a site”butler secure my-appThat issues a certificate for my-app.test and flips the site to HTTPS. Reload
the page and https://my-app.test loads cleanly. Omit the name to secure the
site in the current directory:
cd ~/Sites/my-appbutler secureYou can also secure a site from the Sites section of the menu bar app.
Back to plain HTTP
Section titled “Back to plain HTTP”butler unsecure my-appList secured sites
Section titled “List secured sites”butler securedThe certificate authority
Section titled “The certificate authority”For browsers to trust Butler’s certificates, Butler’s CA has to be trusted by
your system. This happens automatically during butler system install, which is
why it prompts for your password once.
If you ever need to install the trust manually — for example after clearing your keychain — run:
butler trustOn a CLI-only install this needs to run under sudo in a terminal so it can add
the CA to the system keychain. If you use the app, it can handle the trust prompt
for you through the standard macOS security dialog.
Bring your own certificate
Section titled “Bring your own certificate”If you’d rather use a certificate you already have (say, a wildcard cert), point
a site at it in butler.yml instead of using
Butler’s CA:
ssl: cert: /abs/path/to/site.pem key: /abs/path/to/site-key.pemRenewing certificates
Section titled “Renewing certificates”Butler’s certificates are issued with a limited lifetime. To renew:
butler renew # renew site certificatesbutler renew --expiring 30d # only those expiring within 30 daysbutler renew --ca # renew the CA itselfRenewing the CA re-issues the root; you may be prompted to re-trust it.