How to Run HTTPS on Localhost: A Step-by-Step Guide
Running HTTPS on your localhost is essential for developing and testing secure web applications.
Secure Socket Layer (SSL) or Transport Layer Security (TLS) provides a way for secure communication over the internet. When you run a HTTPS server on your localhost, you can simulate the secure environment your web applications will operate in when deployed to production servers.
In this guide, I’ll walk you through the process of setting up HTTPS on your local machine using self-signed certificates and a Node.js server.
Prerequisites
Before we begin, make sure you have the following prerequisites:
- Node.js and npm: Ensure you have Node.js and npm installed on your system. You can download them from nodejs.org.
- Basic knowledge of HTTPS
Step 1: Generate a Self-Signed Root Certificate
The first step is to create a self-signed root certificate. We will install this certificate in our computer and will sign another certificate that will be used by the server. When you install a root certificate, it means that you trust any other certificate signed by that root certificate.
While it’s not suitable for production use (as it’s not issued by a recognized certificate authority), it’s perfect for local development and testing.
- Open a terminal or command prompt and navigate to a directory where you want to store the certificate.
- Run the following command to generate a private key for the root certificate:
openssl genrsa -out root.key 2048
3. Now, generate the self-signed root certificate using the private key:
openssl req -x509 -new -nodes -key root.key -sha256 -days 365 -out root.crt
4. If you’re using macOS, you can add the root certificate to your system’s trusted certificates by double-clicking the root.crt
file. The Keychain Access application should open. Choose the "System" keychain, click "Add," locate and select the root.crt
file, and click "Add" again. Ensure the certificate is marked as trusted.
After these steps, we’ve created a self-signed root certificate and added it to trusted store.
While this guide demonstrates the process using Node.js, you can implement HTTPS on your localhost in other programming languages as well. Each language may have its own libraries and packages for handling SSL/TLS certificates. The fundamental steps of generating certificates and configuring the server remain similar across languages.
Step 2: Create a Server Certificate
Next, we’ll create a server certificate for your localhost. This certificate will allow your local server to establish secure connections. We’ll sign server’s certificate with the root certificate so our computer can trust the server’s authenticity.
- Generate a private key for the server:
openssl genrsa -out server.key 2048
2. Generate a certificate signing request (CSR) using the server’s private key:
openssl req -new -key server.key -out server.csr
3. This command will prompt you to provide some information for the CSR, such as the common name (CN) and organization details. Make sure to set the common name to the hostname or domain name associated with your server (e.g., localhost
).
4. Sign the CSR with the root certificate to create the server certificate:
openssl x509 -req -in server.csr -CA root.crt -CAkey root.key -CAcreateserial -out server.crt -days 365 -sha256
5. This command signs the CSR using the root certificate and private key, generating a new server certificate named server.crt
valid for 365 days.
After these steps, we’ve created a certificate that our server will use and our PC trusts.
Step 3: Create a Node.js Server
Now that you have your server certificate ready, let’s create a simple Node.js server to serve content over HTTPS. We’ll use Node.js and the Express framework for this example, but you can adapt these steps to other languages and frameworks.
- Create a file named
server.js
and add the following code:
// server.js
const app = require('express')();
const https = require('https');
const fs = require('fs');
const options = {
key: fs.readFileSync('~/certs/practice/server.key'), // replace it with your key path
cert: fs.readFileSync('~/certs/practice/server.crt'), // replace it with your certificate path
}
https.createServer(options, (req, res) => {
res.writeHead(200);
res.end('Hello, HTTPS World!');
}).listen(443, () => {
console.log('Server is running on port 443');
});node
2. Save the file and run the following command in your terminal to start the server:
node server.js
3. Your HTTPS server is now running on port 443, and you can access it at https://localhost
Step 4: Trust the Root Certificate (macOS Only)
If you’re using macOS, follow these additional steps to trust the root certificate:
- Open the Keychain Access application.
- Choose the “System” keychain from the left sidebar.
- Click “File” > “Import Items” and select the
root.crt
file. - Double-click the imported certificate, expand the “Trust” section, and set “When using this certificate” to “Always Trust.”
Step 5: Final Script (Optional)
If you want to automate the certificate generation and server setup, you can use the following script:
echo "Creating root server"
openssl genrsa -out root.key 2048
openssl req -x509 -new -nodes -key root.key -sha256 -days 365 -out root.crt
echo "Creating server certificate"
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -in server.csr -CA root.crt -CAkey root.key -CAcreateserial -out server.crt -days 365 -sha256
echo "Create server file"
touch server.js
echo "
// server.js
const app = require('express')();
const https = require('https');
const fs = require('fs');
const options = {
key: fs.readFileSync('/Users/akshitdev/certs/practice/server.key'),
cert: fs.readFileSync('/Users/akshitdev/certs/practice/server.crt'),
}
https.createServer(options, (req, res) => {
res.writeHead(200);
res.end('Hello, HTTPS World!');
}).listen(443, () => {
console.log('Server is running on port 443');
});
" >> server.js
echo "Adding server to root"
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" <path_to_certificate_file>
echo "Running server"
node server.js
This script will automate the process of generating certificates and setting up the server.
That’s it! You’ve successfully configured HTTPS on your localhost using self-signed certificates.