Meteor development with a real subdomain and HTTPS

Posted January 18th, 2018 in Razno by Metod

TL;DR: Use the nourharidy:ssl package.

The story

I’ve been doing some Meteor development lately. There was a need to run the local server under a real subdomain (instead of localhost) with HTTPS. So I googled and found this StackOverflow answer which seemed to be exactly what I needed.

Turns out that it had issues with web sockets hanging all the time.

So I turned to Google once more and found this little gem of a comment which pointed me in the direction of the nourharidy:ssl package.

The configuration

A few assumptions here:

  • Your local domain is dev.example.com
  • You know how to generate self-signed certificates and have already done so
  • Those certificates are named dev.example.com.crt and dev.example.com.key

First, we need to install the package.

  1. $ meteor add nourharidy:ssl

Then, you should put the certificate files under the /private folder of your app.

Next, depending on your file structure, somewhere under a server folder create a new file and put the following code inside:

  1. /* global Assets:true, SSL:true */
  2. /* eslint-disable new-cap */
  3. import { Meteor } from ‘meteor/meteor’;
  5. Meteor.startup(() => {
  6.   if (!Meteor.isDevelopment) {
  7.     return;
  8.   }
  10.   SSL(
  11.     Assets.absoluteFilePath(‘dev.example.com.key’),
  12.     Assets.absoluteFilePath(‘dev.example.com.crt’),
  13.     8000
  14.   );
  15. });

You can change the 8000 port to any other port. If you want to avoid using sudo it should, however, be above 1024.

Don’t forget to add an entry to your /etc/hosts: dev.example.com

Now all we need to do is tell Meteor where it is running by setting the ROOT_URL variable:

  1. $ ROOT_URL="https://dev.example.com:8000/" meteor run

Meteor is now running at https://dev.example.com:8000/.

The conclusion

After a bit of trial and error, this seems to be the most simple solution for running the local development server under a real subdomain with HTTPS and not involving any separate nginx proxies. This can be useful for example for Facebook OAuth testing. I hope this comes in handy to someone at some point.