DEV Community

Cover image for Managing local SSL certificates without port
Dimas López
Dimas López

Posted on • Edited on

Managing local SSL certificates without port

CLI version here https://dev.to/dimaslz/managing-local-ssl-certificates-without-port-cli-4lfm

Sometimes we need to use HTTPS domain while we are working locally and, we use the basic url with the port where is running the project like https://localhost:3000. Also, sometimes, is recommended to have a similar TLD as the real domain in production, something like https://local.your-domain.com:3000, because maybe, we need to do something related to the TLD, like handle default language or something else.

As you can see, we need to add the PORT (3000). What happen if you want to remove the port in the url but, serving the application running in a port? You can not do it. You only can use 1 application running in the port 443 and, you need to add a special setting to the runner of the project, to serve the application in the 443 port (ssl). Other solutions are a bit complex, modifying something in your system manually probably (manually multiple times === will be tedious).

I try to avoid specific settings just for local environment, the project should have the less or any differences as possible with the production setting.

Also, another nuisance using the ports in the url, in my opinion, is when you have the URL set in multiple services, like Github, to make the authentication process. Then, if you need to change the port for some reason, you need to back to Github and update the port.

As I like automation scripts, I have created a script to automate to create local certifications (supported by mkcert) and remove the PORT's from the url through a proxy with Docker image base on Nginx.

How this proxy works

Here the Github repository if you want to try it: https://github.com/dimaslz/local-ssl-management-docker

(copied and pasted from: https://github.com/dimaslz/local-ssl-management-docker#how-to-use)

How to use

#1 - Update your /etc/hosts:

OSX:

...
127.0.0.1        local.your-domain.com
Enter fullscreen mode Exit fullscreen mode

#2 - Setup config:

[
  {
    "domain": "local.your-domain.com",
    "port": 3000, // where the application is running http://localhost:3000
  },
  ...
]
Enter fullscreen mode Exit fullscreen mode

#3 - Run your application:

The script will work but, if your application is not running, the domain will not resolve the source.

#4 - Run the script:

Before all, build the script by running yarn build and after yarn up

The script will:

  • Check the config.json file, creating the new SSL certificates if needed.
  • Create the nginx.conf per each domain.
  • Generate the Dockerfile configuration.
  • Remove and create the new image (named local-ssl-management).
  • Remove and create the new container (named local-ssl-management).

All files will be into .temp folder (do not touch it).

#4 - Go to your domain and check it:

Open the application url: https://local.your-domain.com and... should work 😅.

END!

This is something that works for me, and maybe it works for you too.

I will continue working on it, this is my next iteration:

  • Add certs manually
  • Add custom nginx config
  • CLI

Feedback are welcome. If you like it, give me a ⭐️ in Github https://github.com/dimaslz/local-ssl-management to motivate me to continue sharing work.

Thank you for reading and, happy coding! 👨‍💻

Top comments (0)