HTTPS during development using 'mkcert'

Use https even during your development

Suraj Deshmukh

2 minute read

It’s always a hassle creating certificates and lot of technical jargons involved. This can be simplified, using mkcert. Install by following one of the steps mentioned in the docs.

Once installed just run:

$ mkcert -install
Created a new local CA at "/home/hummer/.local/share/mkcert" 💥
[sudo] password for hummer: 
The local CA is now installed in the system trust store! ⚡
The local CA is now installed in the Firefox and/or Chrome/Chromium trust store (requires browser restart)! 🦊

This has installed the local CA. Now all you need to do is create a new certificate.

$ mkcert 127.0.0.1 localhost
Using the local CA at "/home/hummer/.local/share/mkcert" ✨

Created a new certificate valid for the following names 📜
 - "127.0.0.1"
 - "localhost"

The certificate is at "./127.0.0.1+1.pem" and the key at "./127.0.0.1+1-key.pem" ✅

Now is the time to test it, so to test it I am running a Python’s SimpleHTTPServer using following code(by default if you run python -m SimpleHTTPServer it runs on HTTP).

$ cat simple-https-server.py
import BaseHTTPServer, SimpleHTTPServer
import ssl

httpd = BaseHTTPServer.HTTPServer(('localhost', 4443), SimpleHTTPServer.SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./127.0.0.1+1.pem', keyfile='127.0.0.1+1-key.pem', server_side=True)
httpd.serve_forever()

This code is taken from here with just modification to the certfile and keyfile file names.

Now just run this file as:

$ python2 simple-https-server.py
127.0.0.1 - - [14/Aug/2018 11:02:29] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [14/Aug/2018 11:02:29] code 404, message File not found
127.0.0.1 - - [14/Aug/2018 11:02:29] "GET /favicon.ico HTTP/1.1" 404 -
127.0.0.1 - - [14/Aug/2018 11:03:55] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [14/Aug/2018 11:03:58] "GET /simple-https-server.py HTTP/1.1" 200 -

Now if you have browser running already restart it and goto https://localhost:4443/. And voila your local HTTPS server is running.

Similarly you can create more certificates with wildcard domain and use those certificates with your applications.

Huge 👍 to the developer of mkcert.

comments powered by Disqus