I am trying to host a react app I created and tested locally using the facebook boilerplate.
The client app interacts with an API I made using node.js, and with which I had no issue setting up a secure connection (with a node.js client sending my SSL certificate, for testing).
However, I am encountering difficulties when it comes to using react to send my SSL certificate instead of a self-signed one which causes me to encounter this error using chrome and trying to access to https://example.net:3000 :
Your connection is not private (NET:ERR_CERT_AUTHORITY_INVALID)
The documentation did not quite help me:
Note that the server will use a self-signed certificate, so your web browser will almost definitely display a warning upon accessing the page. https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/template/README.md#using-https-in-development
How can I use my own SSL certificate (which I already use on another app on my domain and works like a charm) instead of this self-signed one ? Did I miss something ?
Generate SSL CertificateNavigate to the root folder of your React app and generate an SSL certificate. First, create a folder for the certificate. Run the following to generate the certificate and store it in the folder you just created.
We should use the HTTPS, SSL_CRT_FILE, and SSL_KEY_FILE environment variables to use a custom SSL certificate in a React development server. Change the start script in package. json as follows.
I was able to get a local certificate working without modifying the webpack-dev-server
files using react-scripts
3.4.1
(technically added in 3.4.0
but I had some—probably unrelated—issues). I added these two environment variables to my .env.development
:
SSL_CRT_FILE=.cert/server.crt SSL_KEY_FILE=.cert/server.key
Notes:
.cert
is a folder I created in the root of my projectUpdate: see Andi's answer below. In recent version you should set environment variable to configure the certificate
SSL_CRT_FILE=.cert/server.crt SSL_KEY_FILE=.cert/server.key
Ejecting create-react-app
is not recommended since you won't be able to seamlessly upgrade it. Moreover, you can easily have valid SSL certificate without ejecting.
You will need to copy your certificate to node_modules/webpack-dev-server/ssl/server.pem
. The downside is that you need to manually copy the file. However, one way to make this seamless is to add a postinstall
script that creates a symlink. Here is a script I created:
#!/bin/bash # With create-react-app, a self signed (therefore invalid) certificate is generated. # 1. Create some folder in the root of your project # 2. Copy your valid development certificate to this folder # 3. Copy this file to the same folder # 4. In you package.json, under `scripts`, add `postinstall` script that runs this file. # Every time a user runs npm install this script will make sure to copy the certificate to the # correct location TARGET_LOCATION="./node_modules/webpack-dev-server/ssl/server.pem" SOURCE_LOCATION=$(pwd)/$(dirname "./local-certificate/server.pem")/server.pem echo Linking ${TARGET_LOCATION} TO ${SOURCE_LOCATION} rm -f ${TARGET_LOCATION} || true ln -s ${SOURCE_LOCATION} ${TARGET_LOCATION} chmod 400 ${TARGET_LOCATION} # after 30 days create-react-app tries to generate a new certificate and overwrites the existing one. echo "Created server.pem symlink"
Your package.json
should look something like:
"scripts": { ... "postinstall": "sh ./scripts/link-certificate.sh" }
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With