Testing if your site works well on your local machine is always burdensome.
I found a tool that makes it really simple, mkcert:
β localhost-https mkcert -install
Using the local CA at "/Users/.../mkcert" β¨
The local CA is now installed in the system trust store! β‘οΈ
The local CA is now installed in the Firefox trust store (requires browser restart)! π¦
The local CA is now installed in Java''s trust store! βοΈ
β localhost-https mkcert localhost
Using the local CA at "/Users/.../mkcert" β¨
Created a new certificate valid for the following names π
- "localhost"
The certificate is at "./localhost.pem" and the key at "./localhost-key.pem" β
Then you can test with a simple HTML page:
β localhost-https cat index.html
ββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β File: index.html
ββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
1 β <html>
2 β <body>
3 β HELLO WORLD
4 β </body>
5 β </html>
ββββββββ΄ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β localhost-https ./node_modules/http-server/bin/http-server -S -C ./localhost.pem -K ./localhost-key.pem [18:12:41]
Starting up http-server, serving ./ through https
Available on:
https://127.0.0.1:8080
https://192.168.1.69:8080
Hit CTRL-C to stop the server
this is the result:
FiloSottile
/
mkcert
A simple zero-config tool to make locally trusted development certificates with any names you'd like.
mkcert
mkcert is a simple tool for making locally-trusted development certificates. It requires no configuration.
$ mkcert -install
Created a new local CA π₯
The local CA is now installed in the system trust store! β‘οΈ
The local CA is now installed in the Firefox trust store (requires browser restart)! π¦
$ mkcert example.com "*.example.com" example.test localhost 127.0.0.1 ::1
Created a new certificate valid for the following names π
- "example.com"
- "*.example.com"
- "example.test"
- "localhost"
- "127.0.0.1"
- "::1"
The certificate is at "./example.com+5.pem" and the key at "./example.com+5-key.pem" β
Using certificates from real certificate authorities (CAs) for development can be dangerous or impossible (for hosts like example.test, localhost or 127.0.0.1), but self-signed certificates cause trust errors. Managing your own CA is the best solution, but usually involves arcane commands, specialized knowledge and manual steps.
mkcert automatically creates and installs a local CA in the systemβ¦
Top comments (25)
OK, but, what version of
catis that? Never seen anything like it. And how do you turn the extra stuff off?Hi John,
it's bat aliased to
cat:-)what do you mean?
I just meant if you wanted the standard behaviour of
cat, because if you didcat file.txt > otherfile.txtthat formatting would cause you to have a bad time, OK?Ah ok!
No, it doesn't happen:
I'm curious to how it knows to change the output depending where the output is directed to. Like aren't both
stdoutfrom the point of view ofbat?You can detect if the output is being redirected with POSIX functions isatty(3) and fstat(2)
Hope it works well with Rails. I have had so much trouble trying to a local HTTPS server running with Rails :( I almost always end up using ngrok.
Works fine with rails. After creating / installing your certificate as described in the article, start your rails server via rails s -b 'ssl://localhost:3000?key=./localhost-key.pem&cert=./localhost.pem'
Let me know, I haven't tried :)
I'm not that familiar with Docker so I don't know. The tool is a standard Go binary and I guess if you open the port of the web app serving you might accomplish something.
You need to root in your container to install it though, just downgrade your permissions after that.
Why? You can create a test domain or subdomain and use letsencrypt.
You can also use ngrok, mkcert seems easier than all the options I can think of, ngrok included
Yes, but letsencrypt will work even if someone else is accessing your dev server and the effort isn't any bigger, so why bother creating local certificates if you can create a valid one?
Can you write an article about it? It would be useful for everyone. Thank you!
I love the mkcert setup you describe. That said, letsencrypt is also awesome!
I've written an article about it: dev.to/alexeydc/modern-https-confi...
Hey, that's really useful, thanks for sharing!
Do you know if this works with a XAMPP or LAMPP localhost server? I would like to use this for my wordpress projecs.
I believe so, it's independent from the technology of the server. It just needs to support TLS.
I'm not familiar with either XAMPP or LAMPP but judging from a search engine query you need a tutorial on how to use a certificate with Apache. This seems a valid one (from Step 2): digitalocean.com/community/tutoria...
Thanks, in the past I tried some tutorials and other techniques but I found difficult to install them in the browser "trust stores", this one seems easy, I will give it a try!
Can I use this with Next.js?
I'm not familiar with Next.js but it's language agnostic. As long as you can point a web server to the certificate you should be able to use it!
I figured it out. I used a custom server and pointed it to the certificate. Thanks!
Thanks
Thanks
Thanks
Thanks
Thanks
Thanks π
This is exactly what I needed....trying it right now...thanks for sharing!
Cool