Stunnel

 10 Sep 2014

 0 Comments

I’ve had to test a lot of OAuth applications recently and would often need proper SSL running on localhost for them. When working on tiny little one page Sinatra or Express apps I didn’t want to learn how to setup each framework to use SSL properly so instead I just use stunnel to do it.

Installing

To install stunnel I just:

brew install stunnel

I then create a quick self-signed certificate to use:

openssl req -new -x509 -days 365 -nodes -out stunnel.pem -keyout stunnel.pem

Config

Stunnel is easiest to use with a config file so I write one like the following:

# stunnel.conf
foreground = yes

[example-app]
connect = 3000
accept = 443
cert = stunnel.pem

In this file the first option just makes stunnel run in the foreground. Since I’m only using it for local testing I find this easier. I can close the tunnel with ctrl-c and don’t need to worry about spawning too many processes in the background or forgetting about one.

The [example-app] is just naming a tunnel so this can be whatever you want. I then specify what port to listen on (accept) and what port to connect to (connect). This is my default for most ruby apps. You then link to the cert file to use (which is the cert you created a second ago).

Profit

Now I can use https://localhost to connect (with SSL) to an app running on a local port. Easy! If you need a “real” url instead of localhost you can just edit your hostfile to point any DNS name you want to 127.0.0.1 (sometimes OAuth providers won’t accept localhost as a redirect url for instance).

Other options

ngrok looks like a great service to use if you need to do this and aren’t working on anything sensitive.