From time to time the need for a simple SSL terminating tunnel is wanted. This is used to enable the browser to use an HTTPS connection to an HTTP server. It is common to use a proxy server, but I was curious if there was something simpler. I was able to create an SSL tunnel using ghostunnel
https://github.com/ghostunnel/ghostunnel
To build it for MacOS 14.7 I needed to update the go.mod to use toolchain go1.22.7
(instead of toolchain go1.22.4
).
Created the cert and key
openssl req \ -x509 \ -newkey rsa:4096 \ -keyout key.pem \ -out cert.pem \ -sha256 \ -days 3650 \ -nodes \ -subj "/C=US/ST=RI/L=Providence/O=MojoTech/OU=Labs/CN=clientsite.com"
Add the client's domain name to /etc/hosts
127.0.0.1 clientsite.com
Run the tunnel
sudo ghostunnel server \ --listen clientsite.com:443 \ --target localhost:3000 \ --cert cert.pem \ --key key.pem \ --disable-authentication
Run Python's file directory serving http server
python3 -m http.server 3000
And finally, open https://clientsite.com in the browser or with curl
curl -k https://clientsite.com
I think since this is Go and executables are statically linked, you could share the ghostunnel executable and PEMs with other developers.