Appengine - Local dev server with https

Question

Goal: Reduce dev - feedback cycle by using App Engine dev server. For my use this must be available as a public HTTPS address. App Engine dev server only supports HTTP.

Answer 1

ngrok supports https urls to any http port, so you can just use ngrok to proxy an https domain to the GAE dev server port

If you have a paid for account, you can setup CNAMEs to use your own domains

ngrok http -hostname=dev.example.com 8080

Answer 2

I use NGINX as proxy with self signed certificate for my project https://debtstracker.io/

Here is my NGINX config. You would also need to add some yourproject.local record to your hosts file.

    server {  # This servers dynamic content of DebtsTracker.io project over HTTPS
            listen          443;
            server_name     debtstracker.local;
            ssl                  on;
            ssl_certificate      /etc/ssl/certs/debtstracker-local.crt;
            ssl_certificate_key  /etc/ssl/private/debtstracker-local.key;

            location /app/ {
                    proxy_pass   http://localhost:8100/;
                    proxy_set_header Host $http_host;
            }

            location / {
                    proxy_pass   http://127.0.0.1:8080;
                    proxy_set_header Host $http_host;
            }
    }

The first location is for GAE devserver and 2nd for Ionic project.

Here is a bash file I use to generate certificates:

#!/usr/bin/env bash
# https://www.accuweaver.com/2014/09/19/make-chrome-accept-a-self-signed-certificate-on-osx/

# https://gist.github.com/jessedearing/2351836

# Run using "sudo"

echo "Generating an SSL private key to sign your certificate..."
openssl genrsa -des3 -out debtstracker-local.key 1024

echo "Generating a Certificate Signing Request..."
openssl req -new -key debtstracker-local.key -out debtstracker-local.csr

echo "Removing pass-phrase from key (for nginx)..."
cp debtstracker-local.key debtstracker-local.key.org
openssl rsa -in debtstracker-local.key.org -out debtstracker-local.key
rm debtstracker-local.key.org

echo "Generating certificate..."
openssl x509 -req -days 365 -in debtstracker-local.csr -signkey debtstracker-local.key -out debtstracker-local.crt

echo "Copying certificate (debtstracker-local.crt) to /etc/ssl/certs/"
mkdir -p  /etc/ssl/certs
cp debtstracker-local.crt /etc/ssl/certs/

echo "Copying key (debtstracker-local.key) to /etc/ssl/private/"
mkdir -p  /etc/ssl/private
cp debtstracker-local.key /etc/ssl/private/

Hope this helps. Took me a while to set this up.

Answer 3

In case you've got only one module you need to reach out via SSL, you can simply use this one https://github.com/cameronhunter/local-ssl-proxy. Installation and usage are super easy. Just change the target port to your module port and then browse it via https to the source port. If you need to reach to multiple modules, you need to run it multiple times with different params (ports).