#Laravel Valet HTTPS
Prior to Valet 1.1 you could user HAproxy After the introduction of Caddy server in Valet 1.1 you can add a simple file. (Recommend still generating a certificate to use for now).
Assuming we are using .dev domain.
#Valet 1.1+
Build a certificate (see next section)
Add a new file ~/.valet/Caddy/sslCaddyFile
. Caddy will load this up from the main Caddyfile.
:443 {
fastcgi / 127.0.0.1:9000 php {
index server.php
}
rewrite {
to /server.php?{query}
}
tls /Users/keoghan/haproxy/ssl/dev.pem /Users/keoghan/haproxy/ssl/dev.key
}
Then valet restart
#Build certificate for .dev Change the directory to suit you.
mkdir -p ~/haproxy/ssl
openssl genrsa -out haproxy/ssl/dev.key 1024
openssl req -new -key ~/haproxy/ssl/dev.key -out ~/haproxy/ssl/dev.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:UK
State or Province Name (full name) [Some-State]:London
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:*.dev
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
openssl x509 -req -days 365 -in ~/haproxy/ssl/dev.csr -signkey ~/haproxy/ssl/dev.key -out ~/haproxy/ssl/dev.crt
cat ~/haproxy/ssl/dev.crt ~/haproxy/ssl/dev.key | tee ~/haproxy/ssl/dev.pem
#Valet < 1.1 ##Using HAproxy
brew install haproxy
Build the certificate as above
Make the config file ~/haproxy/haproxy.conf
:
global
maxconn 4096
pidfile ~/tmp/haproxy-queue.pid
defaults
log global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
mode http
timeout connect 300000
timeout client 300000
timeout server 300000
maxconn 2000
option redispatch
retries 3
option httpclose
option httplog
option forwardfor
option httpchk HEAD / HTTP/1.0
frontend https-frontend
bind *:443 ssl crt /Users/keoghan/haproxy/ssl/dev.pem
mode http
default_backend nodes
backend nodes
balance roundrobin
mode http
option forwardfor
option httpchk HEAD / HTTP/1.1\r\nHost:localhost
server web1 localhost:80
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
##Run it (needs to be sudo as we're binding to 443, a relatively low port number):
sudo haproxy -f ~/haproxy/haproxy.cfg
##enjoy your site at https://[blah].dev
Thanks to both laravel/valet and serverforhackers.com :)