Categories
Tech Uncategorized

(discontinued) Run a green-badge local HTTPS server with zero configuration

Running a local HTTPS server can be pain in the neck. You have to create your own certificates, add them as trusted etc. You know the deal.

Using tunnels, at least the freely-available choices, isn’t the best experience either, they create a different URL everytime, they can get really slow, and 3rd parties will have access to your app in plain text.

But what if you could use a static, short and memorable URL to access your app without 3rd parties involvement? ez-s does exactly that. You run ez-s and access https://ez-s.io:5000 and you’ll see your app with a green badge.

What is EZ-S?

It’s a fork of zeit/serve that gives you the ability to locally run a green-badge HTTPS server. You can see it on GitHub here.

Quick steps

$ npm i -g @alshakero/ez-s
$ ez-s

// => go to [https://ez-s.io](https://ez-s.io):5000 to see your app

How does it works?

  1. The domain ez-s.io has a single A DNS record pointing to the IP address 127.0.0.1.
  2. ez-s package includes SSL certificates generated by letsencrypt.
  3. There is also a small HTTPS server that uses the aforementioned certificates including the private key. So when you access ez-s.io the certificate provided will actually match letsecrypt’s, and you get a green badge. The IP address of the host does not matter. As long as letsencrypt records match the certificates provided by the server, Chrome will not object.

Wait what? Public private keys?! Yes. Because the domain will forever point to 127.0.0.1, impersonating it will not take the impersonator anywhere. Unless the impersonator has power over the victim’s DNS server, which makes ez-s the least of the victim’s worries 😁

Caveat

Since ez-s.io points to 127.0.0.1, your app will be only accessible locally. You can’t test it on your phone or using another machine.

Due to this caveat, serve’s –listen argument is useless in this case. The only configurble network-related parameter is the port.

Questions

If you have any questions please go ahead and comment below.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.