There are 2 use cases for which was https implemented:
serveronly clientonlyThis use case with output from the pi on the screen and accessing the mm url’s with https was never implemented.
The above hack from @rafhtl seems not to work with the current electron version.
You can get it working if you put the following lines under the line with mainWindow = new BrowserWindow(electronOptions); in js/electron.js:
mainWindow.webContents.session.setCertificateVerifyProc((request, callback) => { callback(0); //this means trust this domain })And electron must use https so you have to change the prefix in the following lines to https in the else section or put tls: true, in the config.js.
I’m interested in this usecase because I see nothing what could be protected with https. Everybody who knows your url e.g. https://192.168.0.33:8080/ has full access to your config calling https://192.168.0.33:8080/config/ and can see all your secrets, so I would never run MM in public without protection.