Before I get started with the how, I assume some of you may be asking, "Why do I care about running SSL on my localhost?" Well, there are some spec...
For further actions, you may consider blocking this person and/or reporting abuse
Other method:
foobar.com*.foobar.comapp1.foobar.comis a proxy tolocalhost:4000127.0.0.1 app1.foobar.comto your/etc/hostsLet's Encrypt makes this pretty easy, and free. What I usually do is have
localhost.foobar.comresolve to127.0.0.1, and either have a Let's Encrypt wildcard cert, or a cert specifically forlocalhost.foobar.comNow this is a nerdy, overcomplicated solution that I like.
Note that ngrok goes over the internet, so it's pretty excessive/slow for local development. The request will go over the internet to ngrok's servers, then back to your system.
What I usually do for local development is configure
localdev.example.com(whereexample.comis the site for whatever project I'm working on) to resolve to127.0.0.1on my DNS server, and then use Let's Encrypt to create a real cert forlocaldev.example.com.I'm so interested to learn more about this.
You can use Let's Encrypt DNS validation to get certificates for servers even if they're not accessible over the internet (for example, for internal servers or local development). Certbot and acme.sh both support this and integrate with various DNS APIs to handle the validation, or you could manually set the required TXT record.
I use acme-dns to handle the validation, but it takes a bit of setup.
I like where you're going. Wanted to offer some two other options to skin that particular cat, addressing at least the three motivations you identified: VMs and Containers.
If you want me to support the suggestions, let me know in a comment. Otherwise, I'll just consider it out-of-scope or beyond the intent of this post.
Go for it. I barely skimmed the surface of possible solutions...just covering the use-cases that I needed for my particular work.
Sure.
I prefer the VM (or container) approach because, in addition to addressing the three items you identified, it generally allows me to nail down a test environment as close to the production server as I care to make it -- without unnecessarily constraining my dev machine.
By offloading the test environment to a VM, I'm free to upgrade my dev machine through various OS/distro upgrades, without compromising the test environment integrity -- the VM continues to run CentOS 6 server, while my dev machine matures from Ubuntu 12->14->16(->18 next weekend) LTS versions.
Similar advantages may be had with containers - with the added advantage that they can also leverage shared OS for a smaller footprint if multiple servers are needed.
With later versions of apache, getting SSL up and running is as simple as linking the sites-available conf to the sites-enabled directory. The provided snakeoil certs make it a breeze.
There's a bit of a learning curve for the VMs, but its been well worth it.
Good luck and please keep blogging.
LetsEncrypt have revoked around 3 million certs last night due to a bug that they found. Are you impacted by this, Check out ?
DevTo
[+] dev.to/dineshrathee12/letsencrypt-...
GitHub
[+] github.com/dineshrathee12/Let-s-En...
LetsEncryptCommunity
[+] community.letsencrypt.org/t/letsen...
Hi Brian nice article.
I found localtunnel.github.io/www/ as alternative to ngrok... just care to
ltalias for lsI use Valet on Linux which allows you to quickly secure any of the folders its currently serving.