Proxy SSL Traffic To Meteor For Development


by Gerard Sychay

So I recently had to work on a feature that required an SSL connection. The problem is that I usually run meteor in the default manner on http://localhost:3000. Well, you can't serve up traffic on the SSL port 443 and port 3000 at the same time, and I wasn't about to build in SSL capabilities into meteor, so that left one answer: run a proxy.

A quick google search led to a page on Meteorpedia, which led me to the Meteor-SSL-Proxy repo on Github.  The basic idea: run a proxy server on port 443, and proxy all traffic to your local meteor app running on port 3000.  Here are the exact steps.

  1. Clone the repo.

    $ git clone git@github.com:Tarang/Meteor-SSL-proxy.git
    $ cd Meteor-SSL-proxy
    

  2. Install the http-proxy module.

    $ npm install http-proxy
    

  3. Create your self-signed SSL certificate. Heroku has pretty good instructions.

  4. Edit main.js and fill in paths to your .crt file and .key file (you don't need a chain file).

  5. Start the proxy (you need sudo because 443 is a system port)

    $ sudo node main.js
    

  6. Start you meteor app on port 80. 

That will get you up and running, but I recommend a couple extra steps.

  1. Start meteor on its default port of 3000, and then edit the target in main.js. This keeps things simple on the meteor side.

  2. The proxy will crash if meteor stops or restarts. Run the proxy with forever so that the proxy will automatically pick up meteor when it's ready.

    $ npm install -g forever
    $ sudo forever main.js
    

    Here's my final main.js file.

    // main.js
    
    var PATH_TO_KEY = "./server.key",  
        PATH_TO_CERT = "./server.crt";
        //PATH_TO_CHAIN = "";
    
    var fs = require('fs'),  
        httpProxy = require('http-proxy');
    
    var options = {  
      ssl: {    
        key: fs.readFileSync(PATH_TO_KEY, 'utf8'),
        cert: fs.readFileSync(PATH_TO_CERT, 'utf8')
        //ca : fs.readFileSync(PATH_TO_CHAIN, 'utf8')
      },
      target : "http://localhost:3000",
      ws: true,
      xfwd: true
    };
    
    var server = httpProxy.createProxyServer(options).listen(443);
    


    Head to https://localhost and you should see your self-encrypted meteor app. Happy developing!

    Share Share on Twitter Share on Facebook Share on LinkedIn

    How Can We Help?

    Reaching out doesn’t mean you’re ready to start a project, but we’d love to learn more about the challenge you’re facing, answer any questions, and see if we might be a good fit for working together.

    Contact Us