Kais DevBlog

More or less structred thoughts

Creating and using a self-signed certificate for local testing
Posted in Structr by Kai on Nov 13, 2021

Sometimes developing functionality requires our installation to have a valid certificate. There are many reasons, for example some JavaScript APIs are only available on HTTPS (for example navigator.mediaDevices - see the full list). This works on localhost because some, if not all, browsers have an exception for localhost. But if we want to connect our mobile phone to that installation we will be getting errors if the connection is not secure.


The easiest way to create a self-signed certificate is the keytool application which is part of the normal Java distribution:

keytool -genkey -keyalg RSA -alias localhost -keystore domain.key.keystore -validity 3650 -keysize 2048

The guided process requires some data which can be arbitrarily chosen - only the password is important. In this example we used the password 123456. The resulting file must be configured in structr.conf along with some more settings to enable HTTPS. The easiest way is to place the domain.key.keystore file in the structr root directory. In a docker setup we simply edit the YAML file at around line 70:

      - ./structr/domain.key.keystore:/var/lib/structr/domain.key.keystore

The configuration file structr.conf should contain the following settings:

application.keystore.path = domain.key.keystore
application.keystore.password = 123456
application.https.enabled = true
application.https.port = 8083

Most browsers will now allow HTTPS connections to our server. For my local Chrome installation some more convincing was necessary. It kept complaining about an unsecure connection. This was fixed for my by typing thisisunsafe anywhere in the warning page. Supposedly this can be also configured via a browser flag by navigating to chrome://flags/#allow-insecure-localhost, but that did not work for me.

Happy developing and testing!