[discontinued] Run a green-badge local HTTPS server with zero configuration
⚠️ Apparently, this goes against letsencrypt’s ToS and I can’t use their certificates in such manner. And I have to drop this tool. I would have issued a non-free certificate to keep this tool up, but it doesn’t sound like a great idea to publish a private key that is officially registered to my name.
No certificate creation, no tunnels and no hassle ⚡️
The importance of using HTTPS locally
One might assume that HTTPS isn’t needed for local development. But that’s not always the case. You need to test for mixed-content, secure cookies, service workers, etc. This thread by Kyle makes the point perfectly.
Running a local HTTPS server can be pain in the neck. You have to create your own certificates, add them as trusted etc. You know the deal.
Using tunnels, at least the freely-available choices, isn’t the best experience either, they create a different URL everytime, they can get really slow, and 3rd parties will have access to your app in plain text.
But what if you could use a static, short and memorable URL to access your app without 3rd parties involvement? ez-s does exactly that. You run
ez-s and access
https://ez-s.io:5000 and you’ll see your app with a green badge.
What is EZ-S?
$ npm i -g @alshakero/ez-s
// => go to https://ez-s.io
:5000to see your app
How does it works?
- The domain
ez-s.iohas a single
ADNS record pointing to the IP address
- ez-s package includes SSL certificates generated by letsencrypt.
- There is also a small HTTPS server that uses the aforementioned certificates including the private key. So when you access
ez-s.iothe certificate provided will actually match letsecrypt's, and you get a green badge. The IP address of the host does not matter. As long as letsencrypt records match the certificates provided by the server, Chrome will not object.
Wait what? Public private keys?! Yes. Because the domain will forever point to
127.0.0.1, impersonating it will not take the impersonator anywhere. Unless the impersonator has power over the victim’s DNS server, which makes ez-s the least of the victim’s worries 😁
ez-s.io points to
127.0.0.1, your app will be only accessible locally. You can't test it on your phone or using another machine.
Due to this caveat,
--listen argument is useless in this case. The only configurble network-related parameter is the port.
If you have any questions please go ahead and comment below.