设置（https）localhost上的SSL用于流星开发 [英] Setup (https) SSL on localhost for meteor development

问题描述

如何创建自签名SSL证书以在Mac 10.9上的本地服务器上使用？

How do you create a self signed SSL certificate to use on local server on mac 10.9?

我需要我的localhost作为 https： // localhost

I require my localhost serving as https://localhost

我使用的是linkedin API。这里要解释在本地主机上需要ssl的功能。
https://developer.linkedin.com/documents/exchange- jsapi-tokens-rest-api-oauth-tokens

I am using the linkedin API. The feature which requires the ssl on local host is explained here. https://developer.linkedin.com/documents/exchange-jsapi-tokens-rest-api-oauth-tokens

简而言之，linkedin会在客户端授权我的应用访问其客户端后向客户端发送一个承载令牌数据。通过linkedin内置的javascript库会自动发送这个cookie到我的服务器/后端。这个json文件信息用于用户认证。

In brief, linkedin will send the client a bearer token after the client authorises my app to access their data. The built in javascript library by linkedin will automatically send this cookie to my server / backend. This json file info is used for user authentication.

但是，如果服务器不是https，则linkedin不会发送私人Cookie。

However, linkedin will not send the private cookie if the server is not https.

推荐答案

在您的应用程序上使用 http-proxy 顶部，可以在dev / prod模式下工作的快速简单的解决方案。

Quick and easy solution that works in dev/prod mode, using http-proxy ontop of your app.

1）添加 tarang：ssl 包中

meteor add tarang:ssl

2）将您的证书和密钥添加到应用程序的目录 / private ，例如 /private/key.pem 和 /private/cert.pem

2) Add your certificate and key to a directory in your app /private, e.g /private/key.pem and /private/cert.pem

然后在您的/服务器代码中

Then in your /server code

Meteor.startup(function() {
    SSLProxy({
       port: 6000, //or 443 (normal port/requires sudo)
       ssl : {
            key: Assets.getText("key.pem"),
            cert: Assets.getText("cert.pem"),

            //Optional CA
            //Assets.getText("ca.pem")
       }
    });
});

然后启动应用程序并加载 https：// localhost：6000 。确保不要混淆您的端口与https和http，因为它们是单独服务。

Then fire up your app and load up https://localhost:6000. Be sure not to mix up your ports with https and http as they are served seperately.

有了这个我假设你知道如何创建自己的自签名证书，有很多资源如何做到这一点。以下是一些链接。

With this I'm assuming you know how to create your own self signed certificate, there are loads of resources on how to do this. Just in case here are some links.

• http://www.akadia.com/services/ssh_test_certificate.html


• https://devcenter.heroku.com/articles/ssl-certificate-self

• http://www.akadia.com/services/ssh_test_certificate.html
• https://devcenter.heroku.com/articles/ssl-certificate-self

替代自签名证书：可能最好使用官方证书为您的应用程序域，并使用 / etc / hosts 在本地计算机上创建环回。这是因为它很繁琐，必须在dev和prod之间切换证书。

An alternative to self signed certs: it may be better to use an official certificate for your apps domain and use /etc/hosts to create a loopback on your local computer too. This is because its tedious to have to switch certs between dev and prod.

这篇关于设置（https）localhost上的SSL用于流星开发的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！