Jekyll is a great static site generator for many reasons, but lets encrypt that traffic!
So you might be thinking why would I need SSL when running locally? That is a great question!
Let's assume you already have your Jekyll site and it's good to go. Now we just need to generate a local SSL certificate.
openssl will help us with that. The following will create a localhost certificate in the current directory, and it will be valid for 365 days. When running the following command, create a folder in your Jekyll site called
ssl and set your terminal to that location. Add this folder to your
.gitignore file as well, we dont need that uploaded to your remote git repository.
openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") -days 365
Now from Jekyll's Serve Command Options they show there is a
--ssl-cert, but not much else on how to use this or generating the required items.
Okay so now we have a certificate to use and the command options, how do we put that all together to run the website?
bundle exec jekyll serve --ssl-key ssl/localhost.key --ssl-cert ssl/localhost.crt
You see something like the following:
There is a known issue where the SSL files need to be local to the Jekyll site folder. You can read more about that here. If you like this approach and build many sites, you can have this certificate in one location and create a
symlink as well.
Now you can browse to
https://localhost. You might see a self-signed certificate issue, and since this is what we know about we can accept and continue to the site.
Hopefully you've been able to get to the same place as well as I did. You will need to install OpenSSL for the generation of the certificate. This is usually available in most Linux distribution software repositories, and on Windows, there are a few extra steps. Now you can test your site locally with SSL to mimic the production environment as close as possible.