Use an individual root certificate authority in your DDEV project

• 31 October 2025
• DDEV,
• TLS

There may be cases, when you have to connect to remote resources that use TLS certificates which do not come from a widely known root certificate authority. In DDEV, it is pretty simple to add a root certificate to your project.

We assume, you already have the root certificate in the correct format. Where you can get it, depends on your certificate authority.

Place the file in the directory .ddev/web-build/ and give the file a proper name, e.g. .ddev/web-build/foobar-root-ca.crt

Create a Dockerfile in the same folder, e.g. .ddev/web-build/Dockerfile.foobar with the just a simple line of code:

ADD foobar-root-ca.crt /usr/lib/ssl/certs/

These simple steps register your individual root certification authority inside your DDEV web container, and you can easily connect to your remote resources without any further problems.

• Previous: Use `ddev pull` with WordPress Projects