mehmetsefabalik/nginx-https-local.md

Last active September 2, 2024 23:59

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/mehmetsefabalik/257aab5a9ce69deb01f71d8b5be25256.js"></script>
Save mehmetsefabalik/257aab5a9ce69deb01f71d8b5be25256 to your computer and use it in GitHub Desktop.

Download ZIP

Enable https on your local environment with nginx

Raw

nginx-https-local.md

enable https on your local environment

install mkcert and create certificates

brew install mkcert

mkcert -install

mkcert local.place-your-domain-here.com localhost 127.0.0.1 ::1

Two .pem files will be generated. rename them as domain.pem and domain-key.pem

add 127.0.0.1 local.place-your-domain-here.com to your /private/etc/hosts file

create nginx config file

touch nginx.conf

events {

}

http {
  server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate ~/domain.pem;
    ssl_certificate_key ~/domain-key.pem;
    server_name local.place-your-domain-here.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
  }
}

run nginx

nginx -c nginx.conf -p .

now you can open https://local.place-your-domain-here.com

tikhcloud commented Apr 3, 2024

It works! But I get an "not safe" error from the browser

This is okay. You can add certificate to your browser or just ignore this warning. You are the one who generate this certificate and you have nothing to worry about ;) Also, make sure you use mkcert for testing and developing purposes, this is not suitable for production, and never share your rootCA-key.pem with anyone

MarvinXu commented Apr 8, 2024

My nginx server is on WSL Ubuntu. I tried mkcert in WSL and import RootCA.pem in the host machine but still gets an error. Then I run mkcert in Windows cmd and copy generated certs to WSL and the error goes away :)