Which solution is less complex? I followed OPs link to Anchor but was prompted to sign on using anorher third-party service which is already more complex in terms of rolling out in a medium sized team.

It’s no longer local development now is it? You are crossing into dev deployment land. Unless you are talking about remote pair programming and setting up a reverse proxy at home to allow your coworker to connect or open some port forwards on your router (in which case, the world can connect).

I’m in the camp that can write a 14 line Golang program that can generate a self-signed cert for whatever you want. Anything that needs a root CA is going to need LetsEncrypt or those god awful mafia-esque geotrust/verisign certs.

The certs should be installed on your OS, not your browser. No trust stores to manage. Firefox will use Windows Certificate store, Mac keychain, Linux /etc/ssl/certs.

For client certificates, you can generate a self-signed <dns-name-dejour> so long as your hosts file points the domain to your container IP or localhost.

It’s not that complicated but it’s not trivial if you don’t understand certificates. Having a SaaS service do this for you I think is overkill. certbot could definitely do this. I think web frameworks should do this as part of their new-project process. Considering the world requires https.