A Simple Way to Create SSL (https) for Localhost with Nginx + Node.js

A Simple Way to Create SSL (https) for Localhost with Nginx + Node.js

Over the years of software development, we see the need for a simple way to create correct SSL (https) for our local machine. You can follow the guide created by our developer below:

1. Default node.js installed
2. Default nginx installed

$ sudo systemctl status nginx


$ node -v


There is the server.js file code (example: node.js server):

const http = require('http');


// create a server object:

http.createServer(function (req, res) {

  res.write('Simple way to create SSL (https) for localhost by Nginx + Nodejs!'); //write a response to the client

  res.end(); //end the response

}).listen(8080); //the server object listens on port 8080

Run terminal command $ node server.js

Installing the new tool:

$ sudo apt-get install -y libnss3-tools

Depending on our OS platform and requirement we need to download the binary file for mkcert tool.

$ mkdir ~/mkcert && cd ~/mkcert && \

wget https://github.com/FiloSottile/mkcert/releases/download/v1.1.2/mkcert-v1.1.2-linux-amd64 && \

 mv mkcert-v1.1.2-linux-amd64 mkcert && \

 chmod +x mkcert

$ ./mkcert -install

The example localhost site in our case is example.site.

$ ./mkcert example.site



As we can see above the command has created two important files:

"./example.site.pem" and "./example.site-key.pem". We will use these files in our nginx configs.


Now we are creating VHost for nginx. We need to create a new config file example.site inside /etc/nginx/sites-available/ folder:

$ sudo nano /etc/nginx/sites-available/example.site


Add the code  below inside the opened file:

server {

        listen 80;

        server_name example.site www.example.site;

        return 301 https://$host$request_uri;



server {

        listen 443 ssl;

        server_name example.site www.example.site;

        ssl_certificate /home/developer/mkcert/example.site.pem;

        ssl_certificate_key /home/developer/mkcert/example.site-key.pem;


        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        ssl_prefer_server_ciphers on;

        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

        location /  {

                proxy_pass    http://localhost:8080;

                proxy_http_version 1.1;

                proxy_set_header Upgrade $http_upgrade;

                proxy_set_header Connection 'upgrade';

                proxy_set_header Host $host;

                proxy_cache_bypass $http_upgrade;





After saving the opened file we need to enable nginx config via below command:

$ sudo ln -s /etc/nginx/sites-available/example.site /etc/nginx/sites-enabled/


Now we should add below example.site into our /etc/hosts file.  example.site  www.example.site

Restarting Nginx service:
$ sudo systemctl restart nginx

Opening the site example.site/ in browser tab we can see https already ready !

Here we have used Nodejs, but of course we can do this without it and also we can use php localhost site, we just need to create the correct VHOST and accordingly .pem and -key.pem files using the mkcert tool.

That's all. Good luck!