I’m using Local with Gulp and Browsersync to live reload pages when I make code changes.
I’ve set the SSL certificate to trusted in Local, and in the gulpfile.js I’ve specified the proxy URL to be https. When the Gulp script runs it loads the site on https://localhost:3000 via the Local proxy.
Everything loads and seems to work OK except the site displays a not secure warning. See screenshot. I’m using Local v2.2.1.
Does anyone know how I can make the connection accept the SSL certificate generated by Local?
I’ve had issues like this with BrowserSync and SSL Certs for the local proxy url.
Ultimately I just decided to do my BrowserSync deving over HTTP since I was really only doing styling work that didn’t require me to have the content served of HTTPS.
That may not be an option for you, but I definitely was banging my head on the issue for a while before throwing my hands up and moving on!
Yeah it does indeed, but I think you’ll have to do it only once, then you can use the same cert for all your projects as they all work behind the same proxy (//localhost).
I’m also on Windows and I’m gonna try this maybe over the weekend…
Apparently, from version 2.2 onwards, BrowserSyncs automatically generates a self-signed certificate for localhost, as long as you either set https: true, or specify https:// in the address for the proxy option. So no need to generate it, nor to provide its .crt and .key in the gulpfile.js.
In fact, after upgrading to the latest version, the cert is indeed in place:
it’s just that it’s invalid, because it’s self-signed, so Chrome won’t display a green lock. But the cert is there, and it should not give any problems, except for an annoying red triangle in the address bar, and an initial warning that once skipped shouldn’t appear anymore.
One more useful step would be the option in Chrome to Allow invalid certificates for resources loaded from localhost.
To enable this, paste this in your address bar: chrome://flags/#allow-insecure-localhost and enable the first option.
In my case it looks like it will still show a red lock, but it shouldn’t be blocking HTTPS resources.
TLDR;
Update BS to the latest version
Set up your gulpfile like this (Note: You don’t need to provide the https option here, as it’s inferred from the proxy target) :
var projectURL = 'https://mysite.dev.cc';
browserSync.init({
proxy: projectURL,
host: '192.168.0.143'
});
Now the last one step to turn the green light on, would be for our Windows machine to trust this already existing certificate, but I still have to find a solution to this, sadly.
Thanks for that. It made me realise I too had the certificate installed just that it wasn’t valid either.
I’ve tried a few things to get the certificate to be recognised but haven’t got it to work.
A better approach might be to generate a new certificate using something like OpenSSL and getting Browsersync to use this one instead. See the https settings here: Browsersync options
However I couldn’t get this to work either. But I did come across a Windows utility to generate the SSL via a UI rather than the command line which is a bit easier.
Trusted the certificate (Right click on the .crt, Install, Next, Place all certificates in Trusted Root Certification Authorities)
The certificate seems to work, but only Edge shows it as trusted. Both Chrome and FireFox are still throwing warnings
Windows does indeed trust the cert now:
But Chrome says “Invalid”.
As a side note, if you are looking for the cert generated by BrowserSync, you can find it here: C:\Users\YOURUSERNAME\AppData\Roaming\npm\node_modules\browser-sync\certs
So maybe the same steps above can be reproduced on this cert instead of creating a new one with the tool.
I’m a bit lost now, I don’t know what else I could do, I’ve trusted the certificate and still no positive results. What else does Chrome want?
Although I feel like we’re probably both wasting our time, as even though the lock isn’t green, all HTTPS resources are being loaded correctly, at least on my end!
I recently gave this in-depth article a go, but came up short with an error message at the end in my WSL App. But maybe someone here will have better luck.