Configure HTTPS Server for Local Development Environment

[qingquan-li]

1. Run HTTP server

1.1 Use Python

cd /path/to/your/project
# Start a simple HTTP server listening on port 8080, serving files (e.g., HTML) from the current directory
python3 -m http.server 8080

1.2 Use Go

Create a Go file (e.g., server.go) in your project's directory:

package main

import (
    "log"
    "net/http"
)

func main() {
    fs := http.FileServer(http.Dir("."))
    http.Handle("/", fs)

    log.Println("Listening on :8080...")
    err := http.ListenAndServe(":8080", nil)
    if err != nil {
        log.Fatal(err)
    }
}

Run the server:

cd /path/to/your/project
# Run the server in the directory where your server.go file is located:
go run server.go

1.3 Use http-server (requires Node.js)

Install http-server globally:

npm install -g http-server

cd /path/to/your/project
# Start a HTTP server listening on port 8080, serving files (e.g., HTML)
http-server -p 8080

2. Run HTTPS server

First step: generate a self-signed SSL certificate using OpenSSL:

cd /path/to/your/project

# Generates an RSA private key of 2048 bits and saves it to server.key.
openssl genrsa -out server.key 2048

# Generates an ECC (Elliptic Curve Cryptography) private key using the secp384r1 curve and overwrites server.key with it. ECC keys are known for providing the same level of security as RSA keys but with shorter key lengths, which can result in better performance.
openssl ecparam -genkey -name secp384r1 -out server.key

# Generates a self-signed X.509 certificate using the private key (either RSA or ECC, depending on which key generation command was used last).
# -sha256 specifies the use of the SHA-256 hashing algorithm for signing the certificate, ensuring a high level of security.
# -key server.key indicates the private key file to use.
# -out server.crt specifies the output file for the certificate.
# -days 365 sets the certificate's validity period to 365 days
openssl req -new -x509 -sha256 -key server.key -out server.crt -days 365

Another way to generate a self-signed SSL certificate: combined RSA certificate and key generation using OpenSSL:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Or using mkcert: https://github.com/Qingquan-Li/doorgo-app/tree/main/frontend/ssl-certificates

2.1 Use Python

Create a https-server.py file:

from http.server import HTTPServer, SimpleHTTPRequestHandler
import ssl

httpd = HTTPServer(('0.0.0.0', 8080), SimpleHTTPRequestHandler)

# Create an SSL context
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(
    certfile="server.crt",
    keyfile="server.key"
    # If you generated .pem files, then use these lines:
    # certfile='cert.pem',
    # keyfile="key.pem"
)
# Wrap the server socket in the SSL context
httpd.socket = context.wrap_socket(httpd.socket, server_side=True)

print("Serving HTTPS on 0.0.0.0 port 8080...")
httpd.serve_forever()

Run the server:

cd /path/to/your/project
python3 https-server.py

2.2 Use Go

package main

import (
	"log"
	"net/http"
)

func main() {
	fs := http.FileServer(http.Dir("."))
	http.Handle("/", fs)

	log.Println("Listening on :8080...")
	// HTTP
	// err := http.ListenAndServe(":8080", nil)
	// HTTPS
	err := http.ListenAndServeTLS(":8080", "server.crt", "server.key", nil)
    // If you generated .pem files, then use this line:
    // err := http.ListenAndServeTLS(":8443", "path/to/cert.pem", "path/to/key.pem", nil)
	if err != nil {
		log.Fatal(err)
	}
}

Run the server:

cd /path/to/your/project
go run https-server.go

2.3 Use http-server (requires Node.js)

Install http-server globally:

npm install -g http-server

Run the server:

cd /path/to/your/project

http-server -S -C server.crt -K server.key -p 8080