SSL for Local Development: Tools and Techniques

Slide Note
Embed
Share

Understanding the importance of using SSL in local development, this article discusses reasons for SSL usage, setting up localhost and self-signed CAs, and tools like mkcert and Caddy to facilitate the process. It highlights the benefits and potential drawbacks of each tool, offering insights on implementing SSL effectively in a local development environment.

coral
coral Follow

Uploaded on Aug 07, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. ITS - Administrative Information Services SSL for Developers How to use SSL in local development November 19, 2020

  2. Reasons to use SSL in local development * Make browsers happy At some point browsers will complain loudly about non-encrypted traffic Mixed content CORS issues * A client-side integration requires HTTPS * You need to have an external user/service interact with your app in development ITS - Administrative Information Services

  3. Localhost and Self-Signed CAs * You can't just go to the Sentigo portal and request a SSL certificate for localhost * You need a few bits to get SSL to work for localhost A private, self-signed CA A SSL certificate signed by that private CA That private CA imported into your SSL trust stores * You can certainly do all of this yourself, but there are a number of steps you have to do through. There is a better way. ITS - Administrative Information Services

  4. Tools - mkcert * https://github.com/FiloSottile/mkcert * Generates private certificate authority and certificate for use with localhost and installs in appropriate key stores * Pro: Easy to install and use * Pro: Do it once and forget (more or less) * Pro: Available for all platforms * Cons: Non-trusted CA so external entities can t trust ITS - Administrative Information Services

  5. Tools - Caddy * https://caddyserver.com * Versatile web server that can automatically generate SSL certs and be a reverse proxy * Pro: Easy to install and use * Pro: Can also generate private CA * Pro: Can automatically generate/renew trusted certs through ACME protocol * Pro: Reverse proxy, load balancer, and other functions * Con: Adds another layer to your development stack ITS - Administrative Information Services

  6. Caddyfile Examples Use private CA and just respond with a string localhost respond "Hello World!" Use trusted cert and reverse proxy to other services on localhost mialber.its.uiowa.edu reverse_proxy localhost:9000 reverse_proxy /dispatch/public/build/* localhost:8080 reverse_proxy /sockjs-node/* localhost:8080 tls /etc/ssl/mialber.cer /etc/ssl/mialber.key ITS - Administrative Information Services

  7. Better yet, Docker Compose # Caddy - to serve as the HTTP/S server caddy: image: caddy:alpine volumes: - ~/caddy/ssl:/etc/ssl - ~/caddy/caddy_data:/data - ~/caddy/Caddyfile:/etc/caddy/Caddyfile ports: - "443:443" - "80:80" - "8080:8080" ITS - Administrative Information Services

  8. ITS - Administrative Information Services Questions? Michael Alberhasky michael-alberhasky@uiowa.edu

Related


Self-Supervised Learning of Pretext-Invariant Representations

Self-Supervised Learning of Pretext-Invariant Representations

azami
Understanding TLS v1.3: Enhancing Round-Trip Times and SSL Configuration

Understanding TLS v1.3: Enhancing Round-Trip Times and SSL Configuration

mohammed
Local Government Advisory Committee and Local Leadership Workgroup Collaboration

Local Government Advisory Committee and Local Leadership Workgroup Collaboration

berenice
Evolution of Cryptography: From Ancient Techniques to Modern Security Mechanisms

Evolution of Cryptography: From Ancient Techniques to Modern Security Mechanisms

damari
Enhancing Local Development Through Integrated Planning: A Critical Analysis

Enhancing Local Development Through Integrated Planning: A Critical Analysis

graham
Enhancing Local Economic Development in Rufunsa Town through Integrated Plans

Enhancing Local Economic Development in Rufunsa Town through Integrated Plans

storm
Disaster Management and Local Development Through Devolution

Disaster Management and Local Development Through Devolution

rosanna
Comprehensive Guide to Sewing Tools and Equipment

Comprehensive Guide to Sewing Tools and Equipment

jett249
Understanding Fingerprint Development Techniques

Understanding Fingerprint Development Techniques

augusta
Enhancing Human Resources Management in Cameroon's Local Authorities

Enhancing Human Resources Management in Cameroon's Local Authorities

wizard
Integrated Development Planning: Ensuring Sustainable Progress in Local Governance

Integrated Development Planning: Ensuring Sustainable Progress in Local Governance

mira
Understanding SHA-256 Algorithm and History

Understanding SHA-256 Algorithm and History

ila
Traffic Analysis and Forensic Investigation Puzzle

Traffic Analysis and Forensic Investigation Puzzle

eloisa
Web App Security: Common Attacks and Preventive Measures

Web App Security: Common Attacks and Preventive Measures

drake
Understanding Ecotourism: Responsible Travel for Environmental Conservation

Understanding Ecotourism: Responsible Travel for Environmental Conservation

thea
Introducing the New Governor's AFID Infrastructure Grant Program

Introducing the New Governor's AFID Infrastructure Grant Program

maxemili
Understanding Local Winds and Their Effects

Understanding Local Winds and Their Effects

reuben
Understanding Local Maladies in Homeopathy: A Comprehensive Guide

Understanding Local Maladies in Homeopathy: A Comprehensive Guide

pearl
USAID LOCAL IMPACT GOVERNANCE PROJECT

USAID LOCAL IMPACT GOVERNANCE PROJECT

tymoteusz
Introduction to Cutting Tools in Workshop Technology

Introduction to Cutting Tools in Workshop Technology

esperanza
Discretionary Development Equalization Grant (DDEG) Guidelines FY 2021/22

Discretionary Development Equalization Grant (DDEG) Guidelines FY 2021/22

helio
Local Construction Industry Development Policy for Lesotho

Local Construction Industry Development Policy for Lesotho

braylon
Understanding Optimization Techniques in Neural Networks

Understanding Optimization Techniques in Neural Networks

kanye
Techniques and Tools for Health Education in Primary Care

Techniques and Tools for Health Education in Primary Care

joaquin

More Related Content

Enhancing Intelligence Analysis: Techniques and Tools
Enhancing Intelligence Analysis: Techniques and Tools
MABE Services & 2018 Legislative Priorities Overview
MABE Services & 2018 Legislative Priorities Overview
African Union Charter on Decentralisation and Local Governance Summary
African Union Charter on Decentralisation and Local Governance Summary
Voluntary Local Reviews in Zimbabwe: Strengthening SDGs 2023 Implementation
Voluntary Local Reviews in Zimbabwe: Strengthening SDGs 2023 Implementation
I02: Interactive Online Learning Environment
I02: Interactive Online Learning Environment
Urban Design Techniques for City Improvement
Urban Design Techniques for City Improvement
Challenges in Local Development Planning: A Call for Integrated Approach
Challenges in Local Development Planning: A Call for Integrated Approach
Fostering Economic Development Through Community Economic Development
Fostering Economic Development Through Community Economic Development
Insights into Kildare County Business and Employment Demographics 2024
Insights into Kildare County Business and Employment Demographics 2024
Understanding Local Government: Powers, Responsibilities, and Organization
Understanding Local Government: Powers, Responsibilities, and Organization
Promoting Local Food in Healthcare: Perspectives, Goals, and Strategies
Promoting Local Food in Healthcare: Perspectives, Goals, and Strategies
Supporting Local Government Initiatives for Citizenship in California
Supporting Local Government Initiatives for Citizenship in California
Comparing EndNote Web and Zotero Reference Management Tools
Comparing EndNote Web and Zotero Reference Management Tools
Testing Approach in SCREAM for E3SM Fall All-Hands 2019
Testing Approach in SCREAM for E3SM Fall All-Hands 2019
Ensuring Local Indicators Compliance in California's Education System
Ensuring Local Indicators Compliance in California's Education System
Proposed Dues Change for OPEIU Local 39: An Overview
Proposed Dues Change for OPEIU Local 39: An Overview
Local Government Finance
Local Government Finance
Encouraging Women's Participation in Local Government
Encouraging Women's Participation in Local Government
Exploring Sources, Tools, and Datasets in Text Mining
Exploring Sources, Tools, and Datasets in Text Mining
Enhancing Web Accessibility Through Observatory and Evaluation Tools
Enhancing Web Accessibility Through Observatory and Evaluation Tools
Strategic and Creative Re-Engineering of Integrated Planning Team - Pre-Screening Tools and Requirements
Strategic and Creative Re-Engineering of Integrated Planning Team - Pre-Screening Tools and Requirements
Understanding Fact Finding Techniques in System Analysis and Design
Understanding Fact Finding Techniques in System Analysis and Design
Overview of PRISM Assessment Tools in Routine Health Information Systems
Overview of PRISM Assessment Tools in Routine Health Information Systems
Humanitarian Response Planning and Implementation Tools
Humanitarian Response Planning and Implementation Tools