lvh.me ssl

lvh_ssl.md

Install nginx

$ brew install nginx

Edit nginx.conf

$ vim /usr/local/etc/nginx/nginx.conf

Change the content of the file to:

worker_processes  1;

events {
  worker_connections  1024;
}

http {
  keepalive_timeout  0;

  # Change this ports to your dev servers
  map $host  $port {
    default        3000;
    cti.lvh.me     3001;
  }

  server {
     listen               443 ssl;
     server_name          *.lvh.me;
     ssl_certificate      lvh.cert;
     ssl_certificate_key  lvh.key;
     ssl_session_cache    shared:SSL:1m;
     ssl_session_timeout  15m;
     ssl_ciphers  HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers  on;

     rewrite_log on;

     location / {
      proxy_pass          http://127.0.0.1:$port;
      proxy_set_header    Accept-Encoding     "";
      proxy_set_header    Host                $host;
      proxy_set_header    X-Real-IP           $remote_addr;
      proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
      proxy_set_header    X-Forwarded-Proto   $scheme;
      add_header          Front-End-Https     on;
    }
  }
  include servers/*;
}

Generate Self-signed certificate

cd /usr/local/etc/nginx
openssl req -x509 -newkey rsa:4096 -keyout lvh.key -out lvh.cert -days 365 -subj '/CN=*.lvh.me' -nodes

Start nginx

$ sudo nginx

In case you need to edit nginx.conf reload your configuration:

$ sudo nginx -s reload

Change local policy to trust the certificate

Add the certificate to Keychain Access and set the Trust Policy to Always Trust.

zz_keychain.png