Not today...



Simple HTTPs server

Tagged cli , admin

Sometimes we need to create a simple server saying hello through https. Here is a simple snippet to achieve this in a shell.

# first we generate a self signed certificate for domain foo
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
	-out foo.crt -keyout foo.key -subj "/"

# then we start a server using socat
sudo socat "ssl-l:443,cert=foo.crt,key=foo.key,verify=0,fork,reuseaddr" \
	SYSTEM:"echo HTTP/1.0 200; echo Content-Type\: text/plain; echo; echo Hello World\!;"

You can now request using curl

# using ip address
curl -k ""

# providing a resolve entry matching our domain name
curl -k --resolve ""

If you don’t want to use the -k/--insecure option you can install the root certificate on your machine by running the following commands (may vary on distributions):

cp foo.crt /usr/local/share/ca-certificates/

Last but not list, you can use socat as an ssl termination proxy. It is pretty straightforward:

# start a simple http server, here darkhttpd to serve some directory
darkhttpd /tmp --port 8080 --daemon

# now start your socat proxy
sudo socat "ssl-l:443,cert=foo.crt,key=foo.key,verify=0,fork,reuseaddr" \

Et voilĂ ! Simplest way I ever found to perform some testing or run ad-hoc simple https servers.

If you got time, take a look at socat, it’s a super powerful tool.