Created
September 3, 2010 09:31
-
-
Save levicook/563675 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I am the owner of lvh.me. And I'm glad to hear it's helpful. In truth, it's just a fancy DNS trick. lhv.me and all of it's sub-domains just point back to your computer (127.0.0.1). That means running ssl is as simple (or difficult) as running ssl on your computer. | |
I'm not sure how comfortable you are with the command line, but here's my how I setup my development environment. (rvm, passenger, nginx w/ SSL, etc). | |
# Install rvm (no sudo!) | |
# ------------------------------------------------------ | |
bash < <( curl http://rvm.beginrescueend.com/releases/rvm-install-head ) | |
source ~/.rvm/scripts/rvm | |
rvm install ree-1.8.7-2010.02 | |
rvm ree --passenger | |
sudo mkdir -p /opt && sudo chown -R $USER /opt | |
passenger-install-nginx-module --auto --prefix=/opt/nginx/ --auto-download --extra-configure-flags=--with-http_ssl_module | |
## Setup a self-signed SSL certificate | |
curl http://www.selfsignedcertificate.com/download.php?file=28727991/www.example.com.key > /opt/nginx/conf/server.key | |
curl http://www.selfsignedcertificate.com/download.php?file=28727991/www.example.com.cert > /opt/nginx/conf/server.crt | |
## Sanity check your passenger_root and passenger_ruby | |
## Define virtual hosts in /opt/nginx/config/nginx.conf | |
## eg: | |
http { | |
passenger_root /Users/levi/.rvm/gems/ree-1.8.7-2010.02/gems/passenger-2.2.15; | |
passenger_ruby /Users/levi/.rvm/bin/passenger_ruby; | |
passenger_pool_idle_time 3600; # keep apps alive | |
# foo.lvh.me (http) | |
# ------------------------ | |
server { | |
listen 80; | |
server_name foo.lvh.me; | |
root /Users/levi/projects/foo/public; | |
passenger_enabled on; | |
rails_env development; | |
} | |
# foo.lvh.me (https) | |
# ------------------------ | |
server { | |
listen 443; ssl on; | |
ssl_certificate /opt/nginx/conf/server.crt; | |
ssl_certificate_key /opt/nginx/conf/server.key; | |
server_name foo.lvh.me; | |
root /Users/levi/projects/foo/public; | |
passenger_enabled on; | |
rails_env development; | |
} | |
} | |
# Start nginx | |
# ------------------------------------------------------ | |
sudo /opt/nginx/sbin/nginx | |
# Stop nginx | |
# ------------------------------------------------------ | |
sudo /opt/nginx/sbin/nginx -s stop |
Usability over security. It avoids that the user needs to make an exception for a self-signed certificate.
Yes, it is hacky but interesting. Might be useful in some cases as mixed content is blocked nowadays and some API's (like webrtc) are not available on http.
I also imagine possibilities for shady purposes, like malware.
@landegnoot sure, but you haven't answered the question.. lvh.me is not for users, it's for developers.
If that is the scope, there is no advantage over self signed certificates.
I stumbled upon this project as I needed a website to connect to a service running on localhost.
Looks like selfsignedcertificate.com has been replaced by some kind of ad site.
What now?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@langenoot yes, you can generate a cert, but where do you store it and distribute it and how's that different from just using self-signed certs?