diff --git a/.ca-certificates/caddy-local-dev.pem b/.ca-certificates/caddy-local-dev.pem
new file mode 100644
index 0000000..1425fab
--- /dev/null
+++ b/.ca-certificates/caddy-local-dev.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBozCCAUqgAwIBAgIRAPJ+Z8gSmjk1FTKqFds8n00wCgYIKoZIzj0EAwIwMDEu
+MCwGA1UEAxMlQ2FkZHkgTG9jYWwgQXV0aG9yaXR5IC0gMjAyMiBFQ0MgUm9vdDAe
+Fw0yMjA4MjYyMjIyMTFaFw0zMjA3MDQyMjIyMTFaMDAxLjAsBgNVBAMTJUNhZGR5
+IExvY2FsIEF1dGhvcml0eSAtIDIwMjIgRUNDIFJvb3QwWTATBgcqhkjOPQIBBggq
+hkjOPQMBBwNCAARO38bVJQoZOS1MTT03r9Rz/vWxI2oxk441D5ET9cwq6PWzzGYW
+15f1XePqiEWcV5xwp67EU32nBHdLqJlx2HZxo0UwQzAOBgNVHQ8BAf8EBAMCAQYw
+EgYDVR0TAQH/BAgwBgEB/wIBATAdBgNVHQ4EFgQUYuyf1bWTKJTIc6pyK/aAqThH
+wxgwCgYIKoZIzj0EAwIDRwAwRAIgbT15r1rwsGjNMbjohYuyHv5kMCjEDAzXlAQr
+VZF2C7sCIArqFtdtf4vDn4RAM+2W47hHwGjBPLN8joONKLU2m1dC
+-----END CERTIFICATE-----
diff --git a/.guix/rekahsoft/guix-config/home.scm b/.guix/rekahsoft/guix-config/home.scm
index 9f6667f..3b30e99 100644
--- a/.guix/rekahsoft/guix-config/home.scm
+++ b/.guix/rekahsoft/guix-config/home.scm
@@ -5,6 +5,11 @@
 #:use-module (guix profiles)
 #:use-module (guix transformations)
 #:use-module (guix gexp)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages perl)
+ #:use-module (guix packages)
+ #:use-module (guix build-system trivial)
+ #:use-module ((guix licenses) #:prefix license:)
 #:use-module (gnu home services shells)
 #:use-module (gnu home services desktop)
 #:use-module (nongnu packages mozilla)
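Review bot: The PEM added in `.ca-certificates/caddy-local-dev.pem` appears to decode as a self-signed root (`Caddy Local Authority - 2022 ECC Root`, CA:TRUE with certificate-signing key usage, valid from 2022-08-26 to 2032-07-04) with no name constraints, and nothing in the commit records its fingerprint or where the matching private key is kept. Someone auditing the trust store later cannot tell whether this is still the root the local Caddy instance uses, so a short provenance note next to the file would help, for example `caddy-local-dev.pem: root of the local Caddy internal CA; SHA-256 fingerprint <SHA256_FINGERPRINT>; the private key stays in Caddy's data directory on the dev machine and is never committed`. If that data directory is reset or copied to another host, this file should be regenerated and the old root removed from the profile.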
@@ -16,6 +21,46 @@
 #:use-module (rekahsoft-gnu packages terraform)
 #:export (%home %home-manifest))
 
+(define-public caddy-local-ca-cert
+ (package
+ (name "caddy-local-ca-cert")
+ (version "1")
+ (source #f)
+ (build-system trivial-build-system)
+ (arguments
+ '(#:modules ((guix build utils))
+ #:builder
+ (begin
+ (use-modules (guix build utils))
+ (let ((ca-cert (assoc-ref %build-inputs "caddy-dev-ca.pem"))
+ (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))
+ (openssl (assoc-ref %build-inputs "openssl"))
+ (perl (assoc-ref %build-inputs "perl")))
+ (mkdir-p out)
+ (for-each
+ (lambda (cert)
+ (copy-file cert (string-append out "/"
+ (strip-store-file-name cert))))
+ (list ca-cert))
+
+ ;; Create hash symlinks suitable for OpenSSL ('SSL_CERT_DIR' and
+ ;; similar.)
+ (chdir (string-append %output "/etc/ssl/certs"))
+ (invoke (string-append perl "/bin/perl")
+ (string-append openssl "/bin/c_rehash")
+ ".")))))
+ (native-inputs
+ (list openssl perl)) ;for 'c_rehash'
+ (inputs
+ `(; The CA certificate used by caddy for local development
+ ("caddy-dev-ca.pem"
+ ,(local-file "../../../.ca-certificates/caddy-local-dev.pem"))))
+ (home-page "https://caddyserver.com")
+ (synopsis "Local CA used for caddy development server")
+ (description "This package provides a certificate store containing a
+single certifcate used for local development with caddy.")
+ (license license:public-domain)))
+
 (define transform--emacs-helm-mu
 (options->transformation
 '((with-commit . "emacs-helm-mu=b85019d01815a4b58d6016c3a30fefa60d8363f2"))))
@@ -25,6 +70,9 @@
 (list
 (packages->manifest
 (list
+ ;; ca-certificate for local caddy development server
+ caddy-local-ca-cert
+
 ;; Temporary: emacs-helm-mu is broken but has been fixed upstream
 (transform--emacs-helm-mu
 (specification->package "emacs-helm-mu"))
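Review bot: `caddy-local-ca-cert` installs the Caddy development root into the profile's `etc/ssl/certs` and rehashes it, so once the third hunk adds it to the manifest, any client that reads that directory through `SSL_CERT_DIR` will presumably accept certificates from this root for every hostname, not only the local dev sites. The package description should state that scope, for example `Installing this package makes TLS clients that use the profile's certificate directory trust the local Caddy root for all names; keep it out of non-development profiles.` In the builder, `out` is already bound to the `/etc/ssl/certs` path, so `(chdir out)` can replace `(chdir (string-append %output "/etc/ssl/certs"))` and keep the two paths from drifting apart. The description string also has a typo: `certifcate` should be `certificate`.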