Proxy SSL Traffic To Meteor For Development

by Gerard Sychay

So I recently had to work on a feature that required an SSL connection. The problem is that I usually run meteor in the default manner on http://localhost:3000. Well, you can't serve up traffic on the SSL port 443 and port 3000 at the same time, and I wasn't about to build in SSL capabilities into meteor, so that left one answer: run a proxy.

A quick google search led to a page on Meteorpedia, which led me to the Meteor-SSL-Proxy repo on Github.  The basic idea: run a proxy server on port 443, and proxy all traffic to your local meteor app running on port 3000.  Here are the exact steps.

  1. Clone the repo.

    $ git clone
    $ cd Meteor-SSL-proxy

  2. Install the http-proxy module.

    $ npm install http-proxy

  3. Create your self-signed SSL certificate. Heroku has pretty good instructions.

  4. Edit main.js and fill in paths to your .crt file and .key file (you don't need a chain file).

  5. Start the proxy (you need sudo because 443 is a system port)

    $ sudo node main.js

  6. Start you meteor app on port 80. 

That will get you up and running, but I recommend a couple extra steps.

  1. Start meteor on its default port of 3000, and then edit the target in main.js. This keeps things simple on the meteor side.

  2. The proxy will crash if meteor stops or restarts. Run the proxy with forever so that the proxy will automatically pick up meteor when it's ready.

    $ npm install -g forever
    $ sudo forever main.js

    Here's my final main.js file.

    // main.js
    var PATH_TO_KEY = "./server.key",  
        PATH_TO_CERT = "./server.crt";
        //PATH_TO_CHAIN = "";
    var fs = require('fs'),  
        httpProxy = require('http-proxy');
    var options = {  
      ssl: {    
        key: fs.readFileSync(PATH_TO_KEY, 'utf8'),
        cert: fs.readFileSync(PATH_TO_CERT, 'utf8')
        //ca : fs.readFileSync(PATH_TO_CHAIN, 'utf8')
      target : "http://localhost:3000",
      ws: true,
      xfwd: true
    var server = httpProxy.createProxyServer(options).listen(443);

    Head to https://localhost and you should see your self-encrypted meteor app. Happy developing!

    Share Share on Twitter Share on Facebook Share on LinkedIn

    How Can We Help?

    If you’re a middle-market or enterprise level organization with a problem that might be solved through technology, we’d love to set up a 15-minute Discovery Call to see how we might help.

    Contact Us