Automatic self-signed HTTPS for local development

From time to time when doing web development, you need to test something related to HTTPS. In some cases, the application you’re writing already supports HTTPS natively and that’s no problem. But more often (and probably better, in my opinion) is the case when you have another service (be it an AWS ELB or an nginx layer) that will terminate the HTTPS connection for you so your application doesn’t have to know how to speak HTTPS.

In those cases, how can you test functionality that specifically interacts with HTTPS?

Today I will show you autohttps, a thin nginx proxy using Docker and a self signed certificate to automatically create an HTTPS proxy in front of your application.

read more...


SSH Config ProxyCommand Tricks

Working in security/operations in the tech industry, I use SSH a lot. To various different machines (some with hostnames, some without), using various different users and keys, and often (as was the case in my previous post) via a bastion host. Over the years, I’ve collected a number of SSH tricks that make my life easier.

read more...


Dynamic Automatic Proxies

On of the advantages of working in computer programming is that I can work from anywhere I have a computer and an internet connection. One of the disadvantages is that many of the resources that I need to do my job are locked to only be accessible within a specific network (albeit with a bastion host).

I long ago set up my SSH config to create an SSH tunnel and I can proxy many applications through that just by setting the HTTP_PROXY and/or HTTPS_PROXY environment variables. The downside of this though is that if I’m actually on a ‘safe’ network, there’s no reason to use the bastion host and I would actually be putting extra load on it.

My goal: write something that would let me automatically proxy applications when I need to but not when I don’t.

read more...