When you're writing server to server communication locally, and these servers are running behind some proxy like puma-dev that enables SSL connections, you may face issues with OpenSSL (or variant) not trusting the connections. That is good, you want OpenSSL not to trust just any random certificate. But how to make it pass?
Your web browser probably allows you to visit a page on a server and even approve the certificate. You should then export the chain as .pem (Firefox makes this pretty easy: click on the lock, view security, view certificate, go to the "CA"-tab for that certificate and export the chain.
This PEM chain is just a plain text file, containing the public certificates of your local 'CA' (created by Puma-Dev)
Copy the text using an editor of choice.
And now open up: /opt/homebrew/etc/ca-certificates/cert.pem and add it.
Also make sure that everything uses this cert.pem by symlinking it to this file, so for example with ruby run
$ ruby -ropenssl -...
A local .test domain for development with https using Puma-dev (on macOS or Linux)
When you maintain a few projects locally developing against localhost works good enough. npm start or rails s or python manage.py runserver or php -S 127.0.0.1:8000 will boot up a server that binds to a local port and allows you to see your work locally. The advantage of using localhost is that you don't have to bother with https-traffic as browsers don't require https for their latest features, but sometimes you need different domains to test and running multiple services distinguished by nothing more than their port numbers can become hard to manage.
To address this problem not only for websites served by the puma server, puma-dev exists. It is a spiritual successor to Sam Stephenson's Pow, which solved this problem for rack-apps. puma-dev, however, can proxy other servers as well, whether these are written in Javascript, PHP, ruby or other languages; as long as these exposes a port to 127.0.0.1, your local loopback/host you can useā¦
Dit artikel van murblog van Maarten Brouwers (murb) is in licentie gegeven volgens een Creative Commons Naamsvermelding 3.0 Nederland licentie .