NIXX/DEVv1.15.0
ArticlesFavorites
Sign In
Sign In
Articles

Welcome to our blog

A curated collection of insightful articles, practical guides, and expert tips designed to simplify your workflow

Cover image for: How to Enable HTTPS on Localhost in Under 2 Minutes
March 13, 20253 MIN READ min readBy ℵi✗✗

How to Enable HTTPS on Localhost in Under 2 Minutes

Secure your local development environment quickly using mkcert and stunnel.

webdevtutorialproductivity
ℵi✗✗

ℵi✗✗

Full-Stack Developer

Passionate about building tools and sharing knowledge with the developer community.

Was this helpful?

Popular Posts

  • NixOS vs. Arch Linux: Which One Belongs in Your Dev Setup?

    NixOS vs. Arch Linux: Which One Belongs in Your Dev Setup?

    5 MIN READ min read

  • Migrating from Create React App (CRA) to Vite: A Step-by-Step Guide

    Migrating from Create React App (CRA) to Vite: A Step-by-Step Guide

    4 MIN READ min read

  • Is Your Android Device ARM or ARM64? Here’s How to Check (2026 Guide)

    Is Your Android Device ARM or ARM64? Here’s How to Check (2026 Guide)

    4 MIN READ min read

  • Array Destructuring in PHP: A Practical Guide for Modern Developers

    Array Destructuring in PHP: A Practical Guide for Modern Developers

    5 MIN READ min read

Recommended Products

  • Hybrid ANC Bluetooth Headphones — 60H Playtime

    Hybrid ANC Bluetooth Headphones — 60H Playtime

    5.0
  • Apple MacBook Air M2

    Apple MacBook Air M2

    4.4
  • Samsung Galaxy S23

    Samsung Galaxy S23

    4.2
  • Apple iPad (7th Gen)

    Apple iPad (7th Gen)

    4.3

May contain affiliate links

Topics

webdev33productivity16cybersecurity12javascript11automation10guide8react7typescript7php6tutorial6freelancing5github actions5privacy5how to4Node.js4
+113 more topics →
🇺🇸USD ACCOUNTOpen a free US-based USD accountReceive & save in USD — powered by ClevaSponsoredInterserver Hosting#1 VALUEAffordable, reliable hosting from $2.50/mo99.9% uptimeSponsored

Some browser features simply refuse to work without HTTPS — geolocation, Service Workers, WebRTC, and most OAuth flows among them. Deploying to a remote server every time you need to test one of these is slow and unnecessary.

With mkcert and stunnel, you can have a fully trusted HTTPS environment running on localhost in under two minutes, no cloud hosting required.

What this guide covers:

  • Generating a locally trusted certificate with mkcert

  • Wrapping your dev server in a TLS tunnel with stunnel

  • Fixing the most common setup errors

Why HTTPS on Localhost Matters

Running HTTP locally is fine for basic UI work, but it breaks down quickly once you start integrating with external services or using security-dependent browser APIs. A local HTTPS setup lets you:

  • Test secure API integrations (Stripe, Google Maps, Auth0) without deploying

  • Eliminate mixed-content warnings during frontend development

  • Use browser features that only activate over a secure connection

  • Replicate production conditions accurately from day one

Step 1: Install mkcert

mkcert is a zero-config tool that creates locally trusted development certificates. Unlike self-signed certificates, ones generated by mkcert are accepted by your browser without warnings because the tool installs its own local certificate authority.

On macOS with Homebrew:

brew install mkcert
mkcert -install

Once installed, generate a certificate for localhost:

mkcert -key-file ~/localhost-key.pem -cert-file ~/localhost-cert.pem localhost

This produces two files — a private key and a signed certificate — both scoped to localhost.

Step 2: Bundle the Certificate Files

Combine the key and certificate into a single file for easier use with stunnel:

cat ~/localhost-key.pem ~/localhost-cert.pem > ~/localhost-bundle.pem

Step 3: Set Up stunnel

stunnel is a lightweight proxy that wraps an existing TCP service in TLS encryption. It sits in front of your dev server and handles the HTTPS layer transparently.

Install it:

brew install stunnel

Then start it, pointing it at your dev server:

sudo stunnel3 -f -d 443 -r 8000 -p ~/localhost-bundle.pem

What each flag does:

  • -d 443 — listens on the standard HTTPS port

  • -r 8000 — forwards decrypted traffic to your local server on port 8000

  • -p — specifies the certificate bundle to use

Tip: If port 443 is already in use, swap -d 443 for -d 8443 and access your site at https://localhost:8443 instead.

Step 4: Test the Setup

Start your local server on port 8000:

npm run dev --port 8000

Then open https://localhost in your browser. If everything is configured correctly, your site loads over HTTPS with no certificate warnings.

Troubleshooting

Certificate not trusted This usually means mkcert -install was skipped. Run it now — it registers the local CA with your system trust store and browsers pick it up automatically.

Port 443 already in use Switch to an alternate port:

sudo stunnel3 -f -d 8443 -r 8000 -p ~/localhost-bundle.pem

Then visit https://localhost:8443.

Command not found Confirm both tools are installed and on your $PATH:

which mkcert && which stunnel3

If either returns nothing, re-run the install step and open a new terminal session.

Key Takeaways

  • mkcert generates locally trusted certificates that browsers accept without warnings.

  • stunnel wraps any local server in a TLS tunnel without modifying the server itself.

  • Bundling the key and certificate into one file keeps the stunnel command clean.

  • Port 8443 is a reliable fallback when 443 is unavailable.

  • This entire setup takes under two minutes and requires no external hosting.

Conclusion

Local HTTPS is one of those things that feels like extra work until you set it up once and realize how little effort it actually takes. mkcert handles certificate trust so your browser never complains, and stunnel handles encryption so your server does not have to.

Next time a browser API refuses to cooperate or an OAuth flow demands a secure origin, this setup has you covered — no deployment, no workarounds.

Have a question about the setup or want to see a version using nginx instead of stunnel? Leave a comment below.

Topics
webdevtutorialproductivity
Interserver Hosting#1 VALUEAffordable, reliable hosting from $2.50/mo99.9% uptimeSponsored

Discussion

Join the discussion

Sign in to share your thoughts and engage with the community.

Sign In
Loading comments…

Continue Reading

More Articles

View all
Cover image for: How Much Does Business Email Really Cost? (And How to Save Money)
May 25, 20254 MIN READ min read

How Much Does Business Email Really Cost? (And How to Save Money)

If you're paying for business email through Google Workspace or Microsoft 365, you might be overpaying. Here's how to rethink your setup and save hundreds per year.

Cover image for: The 3-Device Rule: How to Simplify Your Digital Life and Stop Overbuying Tech
Aug 5, 20255 MIN READ min read

The 3-Device Rule: How to Simplify Your Digital Life and Stop Overbuying Tech

Tired of juggling too many devices? Learn the 3-device rule that helps you streamline your digital life, reduce clutter, and focus on what really matters.

Cover image for: React Authentication with JWT: A Step-by-Step Guide
Oct 17, 20257 MIN READ min read

React Authentication with JWT: A Step-by-Step Guide

Learn how to implement secure JWT authentication in React. From login to route protection and API calls, this guide covers everything you need to know.

Cover image for: AI for DevOps: Tools That Are Already Changing the Game
Jun 17, 20256 MIN READ min read

AI for DevOps: Tools That Are Already Changing the Game

How artificial intelligence is transforming CI/CD pipelines, monitoring, and incident response—today.

|Made with · © 2026|TermsPrivacy
AboutBlogContact

Free, open-source tools for developers and creators · Community driven