MagicMirror² v2.8.0 is available! For more information about this release, check out this topic.

How to run as "https"?


  • Module Developer

    I’m not familiar with MM core, so I just want to know this.
    When MM is executed, MM seems to be recognized as using “http” basically.
    Is there a way of using “https” instead “http”?
    I mean, How can I activate “https://localhost:8080” ?


  • Module Developer

    As far as I know, it is pretty simple.
    In your js/server.js file, you are going to want to convert the http server it is using to an https one.
    First thing you are going to want to do is to create a self-signed certificate which is explained much better than I can on stack overflow.

    You can store those in any folder you want, but I just put them under js/https/* in order to have them close by.

    Then, in the server.js file, comment out var server = require("http").Server(app); near the top of the file. Underneath the imports, add a line importing your key and cert like so:

    var options = {
      key: fs.readFileSync(path.join(__dirname, "/https/key.pem")),
      cert: fs.readFileSync(path.join(__dirname, "/https/cert.pem"))
    };
    

    Underneath that, insert the line var server = require("https").Server(options, app); to substitute an https server for the http one. Finally, copy the line var io = require("socket.io")(server); below that and start your mirror.


  • Module Developer

    As a slightly more easy to deal with version, you can just add

    var server = require("http").Server(app);
    if(config.useHttps){
        var options = {
            key: fs.readFileSync(path.join(config.httpCertPath, "key.pem")),
            cert: fs.readFileSync(path.join(config.httpCertPath, "cert.pem"))
        }
        server = require("https").Server(options, app);
    }
    
    
    var io = require("socket.io")(server);
    

    in the same server.js file right under the var Server = function(config, callback) { line.
    In your config.js, you can modify it to be

    var config = {
        useHttps: true,
        httpCertPath: "ABSOLUTE_PATH",
    }
    

    and then you can switch back and forth if you need.



  • I did this but when i want try to access https://ipaddress:8080 “ERR_SSL_VERSION_OR_CIPHER_MISMATCH” is returned in the google browser. Do you know the solution for this problem?


  • Module Developer

    @Lorenz
    Could you post your server.js file so we can just make sure there aren’t many spelling mistakes?

    • The first thing that you should do is make sure that the path you supplied to the key and cert is correct. This error can arise if you are not pointing to the correct files.
    • Second, you can try to remake the cert and key and see if there was just some error the first time.
    • Third, I would try to figure out if the SSL version is correct. I’m not especially sure how this works, but when I ran into this issue once, somebody had said that the TLS version was incorrect.
    • Last, I would just try to reinstall openSSL and generate a new key.


  • It worked! thanks for the support 🙂 but i have another question is it possible to use a signed certificate because now when i go to the magic mirror page i receive “your connection is not private”.


  • Module Developer

    @Lorenz
    In order to get a signed certificate, you need to go through a CA or certificate authority. Most of the time, magic mirrors are run on localhost and therefore cannot get a signed certificate so you just have to trust the IP on your browser and deal with the fact that it is not “trusted”.
    If you do happen to have a domain lying around, you can get a signed certificate for that and then use it to have a trusted website, but that’s a bunch of work and usually not worth it. If you do decide to go that route, there are a couple of places to sign certificates for free and I would suggest a quick google search to find them.



  • Thank you for the information! I have a PWA to control the magic mirror but a PWA is always https. So my http requests are not allowed but for my PWA i used let’s encrypt for a free certificate. Is it possible to make a wildcart cetficate for my PWA and use the same for the magic mirror?


  • Module Developer

    I’m not familiar with how a PWA works so I’m not quite sure what you are asking here. Are you saying that you have a PWA running that has a valid ssl encryption and you want to send requests from the PWA to your magic mirror, but they are being blocked due to mixed content policies?
    What happens when you request to the magic mirror that is using the unsigned certificate?
    A wildcard certificate handles subdomains so if you wanted to use the same certificate you would need to point a subdomain to your magic mirror.