Setup (https) SSL on localhost for meteor development

Question

How do you create a self signed SSL certificate to use on local server on mac 10.9?

I require my localhost serving as https://localhost

I am using the linkedin API. The feature which requires the ssl on local host is explained here. https://developer.linkedin.com/documents/exchange-jsapi-tokens-rest-api-oauth-tokens

In brief, linkedin will send the client a bearer token after the client authorises my app to access their data. The built in javascript library by linkedin will automatically send this cookie to my server / backend. This json file info is used for user authentication.

However, linkedin will not send the private cookie if the server is not https.

Answer 1

Quick and easy solution that works in dev/prod mode, using http-proxy ontop of your app.

1) Add in the tarang:ssl package

meteor add tarang:ssl

2) Add your certificate and key to a directory in your app /private, e.g /private/key.pem and /private/cert.pem

Then in your /server code

Meteor.startup(function() {
    SSLProxy({
       port: 6000, //or 443 (normal port/requires sudo)
       ssl : {
            key: Assets.getText("key.pem"),
            cert: Assets.getText("cert.pem"),

            //Optional CA
            //Assets.getText("ca.pem")
       }
    });
});

Then fire up your app and load up https://localhost:6000. Be sure not to mix up your ports with https and http as they are served seperately.

With this I'm assuming you know how to create your own self signed certificate, there are loads of resources on how to do this. Just in case here are some links.

• http://www.akadia.com/services/ssh_test_certificate.html
• https://devcenter.heroku.com/articles/ssl-certificate-self

An alternative to self signed certs: it may be better to use an official certificate for your apps domain and use /etc/hosts to create a loopback on your local computer too. This is because its tedious to have to switch certs between dev and prod.