Using HTTPS

Humphrey supports serving content over HTTPS, provided that the tls feature is compiled in and a certificate is provided.

Setting up the TLS Certificate

TLS requires a certificate and a private key, which must be supplied to the server. In production, these would be generated by a certificate authority like Let's Encrypt, but when developing locally, it's often easier to use a self-signed certificate.

The mkcert command-line tool can be used to generate a trusted certificate for local development.

Installing `mkcert`

mkcert can be installed as follows (or downloaded from the aforementioned link):

Windows:

$ choco install mkcert

MacOS:

$ brew install mkcert

Linux:

$ sudo apt install libnss3-tools
$ brew install mkcert

Generating the Certificate

Once installed, the mkcert certificate authority must be trusted by the operating system, which can be done by running the following command.

$ mkcert -install

Finally, to generate a certificate for local development, run this command, which will create two files, localhost.pem and localhost-key.pem.

$ mkcert localhost

Using the Certificate with Humphrey

To provide the certificate to the server, you'll need to include the TLS configuration section in your configuration file as follows:

tls {
  cert_file "path/to/cert.pem"     # Path to the TLS certificate
  key_file  "path/to/key.pem"      # Path to the TLS key
  force     true                   # Whether to force HTTPS on all requests
}

Humphrey

Using HTTPS

Setting up the TLS Certificate

Installing mkcert

Generating the Certificate

Using the Certificate with Humphrey

Installing `mkcert`