lvh.me ssl

lvh_ssl.md

Install nginx

$ brew install nginx

Edit nginx.conf

$ vim /usr/local/etc/nginx/nginx.conf

Change the content of the file to:

worker_processes  1;

events {
  worker_connections  1024;
}

http {
  keepalive_timeout  0;

  # Change this ports to your dev servers
  map $host  $port {
    default        3000;
    cti.lvh.me     3001;
  }

  server {
     listen               443 ssl;
     server_name          *.lvh.me;
     ssl_certificate      lvh.cert;
     ssl_certificate_key  lvh.key;
     ssl_session_cache    shared:SSL:1m;
     ssl_session_timeout  15m;
     ssl_ciphers  HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers  on;

     rewrite_log on;

     location / {
      proxy_pass          http://127.0.0.1:$port;
      proxy_set_header    Accept-Encoding     "";
      proxy_set_header    Host                $host;
      proxy_set_header    X-Real-IP           $remote_addr;
      proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
      proxy_set_header    X-Forwarded-Proto   $scheme;
      add_header          Front-End-Https     on;
    }
  }
  include servers/*;
}

Generate Self-signed certificate

Go to http://www.selfsignedcertificate.com/ and input *.lvh.me as the server name.

After generating the certificate files run the following commands in your shell:

$ cd /usr/local/etc/nginx
$ curl <LINK_TO_YOUR_KEY_FILE>/_.lvh.me.key > lvh.key
$ curl <LINK_TO_YOUR_CERT_FILE>/_.lvh.me.cert > lvh.cert

Start nginx

$ sudo nginx

In case you need to edit nginx.conf reload your configuration:

$ sudo nginx -s reload

Change local policy to trust the certificate

Add the certificate to Keychain Access and set the Trust Policy to Always Trust.

zz_keychain.png