Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
I am the owner of lvh.me. And I'm glad to hear it's helpful. In truth, it's just a fancy DNS trick. lhv.me and all of it's sub-domains just point back to your computer (127.0.0.1). That means running ssl is as simple (or difficult) as running ssl on your computer.
I'm not sure how comfortable you are with the command line, but here's my how I setup my development environment. (rvm, passenger, nginx w/ SSL, etc).
# Install rvm (no sudo!)
# ------------------------------------------------------
bash < <( curl http://rvm.beginrescueend.com/releases/rvm-install-head )
source ~/.rvm/scripts/rvm
rvm install ree-1.8.7-2010.02
rvm ree --passenger
sudo mkdir -p /opt && sudo chown -R $USER /opt
passenger-install-nginx-module --auto --prefix=/opt/nginx/ --auto-download --extra-configure-flags=--with-http_ssl_module
## Setup a self-signed SSL certificate
curl http://www.selfsignedcertificate.com/download.php?file=28727991/www.example.com.key > /opt/nginx/conf/server.key
curl http://www.selfsignedcertificate.com/download.php?file=28727991/www.example.com.cert > /opt/nginx/conf/server.crt
## Sanity check your passenger_root and passenger_ruby
## Define virtual hosts in /opt/nginx/config/nginx.conf
## eg:
http {
passenger_root /Users/levi/.rvm/gems/ree-1.8.7-2010.02/gems/passenger-2.2.15;
passenger_ruby /Users/levi/.rvm/bin/passenger_ruby;
passenger_pool_idle_time 3600; # keep apps alive
# foo.lvh.me (http)
# ------------------------
server {
listen 80;
server_name foo.lvh.me;
root /Users/levi/projects/foo/public;
passenger_enabled on;
rails_env development;
}
# foo.lvh.me (https)
# ------------------------
server {
listen 443; ssl on;
ssl_certificate /opt/nginx/conf/server.crt;
ssl_certificate_key /opt/nginx/conf/server.key;
server_name foo.lvh.me;
root /Users/levi/projects/foo/public;
passenger_enabled on;
rails_env development;
}
}
# Start nginx
# ------------------------------------------------------
sudo /opt/nginx/sbin/nginx
# Stop nginx
# ------------------------------------------------------
sudo /opt/nginx/sbin/nginx -s stop
@amenk

This comment has been minimized.

Copy link

amenk commented May 12, 2016

It would be cool to have a publicly signed wild card certificate for lvh.me ...

@lightningspirit

This comment has been minimized.

Copy link

lightningspirit commented Sep 28, 2017

You can do it using Let's Encrypt certificates. They are the valid and free ones!

@bartocc

This comment has been minimized.

Copy link

bartocc commented Oct 9, 2017

@lightningspirit if you managed to generate a certificate for "lvh.me" with let's encrypt, I'd like to know how.

I've tried sudo certbot certonly --standalone -d lvh.me and got the following error

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for lvh.me
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. lvh.me (tls-sni-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for lvh.me

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: lvh.me

   Type:   unknownHost
   Detail: No valid IP addresses found for lvh.me

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
@chimurai

This comment has been minimized.

Copy link

chimurai commented Mar 15, 2018

Let's Encrypt wildcard certificate support is live as of March 13 2018.

https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579

Would be awesome to have it on lvh.me

@ngilbert-inst

This comment has been minimized.

Copy link

ngilbert-inst commented Jul 17, 2018

Would be awesome to have it on lvh.me

+1

@hugogilmar

This comment has been minimized.

Copy link

hugogilmar commented Sep 8, 2019

Would be awesome to have it on lvh.me

+1

@arukompas

This comment has been minimized.

Copy link

arukompas commented Sep 30, 2019

As I understand, lvh.me is just a DNS trick, such as adding an A record pointing to 127.0.0.1. There's no server behind it, there's nothing to perform SSL verification/handshakes.

@levicook

This comment has been minimized.

Copy link
Owner Author

levicook commented Sep 30, 2019

That's correct; It's simply a dns entry that resolves to 127.0.0.1. Let's Encrypt will not generate certs for 127.0.0.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.