I use this for local development with Azure Functions and have noticed that increasingly the proxy is unable to reconnect after the target server is shut down and restarted.

Sequence:

• Start app server
• Start proxy server
• Stop app server
• Make connection - connection fails with ECONNREFUSED (expected)
• Restart app server - connection still fails with ECONNREFUSED (not expected)
• Restart proxy server - connection is successful

Possibly related to
#108
or
#98

Currently using 2.0.5 + Node 18

I'm getting an error when trying to install:

nfml-AZG:dev dcalhoun$ npm install -g local-ssl-proxy
module.js:544
    throw err;
    ^

Error: Cannot find module '../lib/utils/unsupported.js'
    at Function.Module._resolveFilename (module.js:542:15)
    at Function.Module._load (module.js:472:25)
    at Module.require (module.js:585:17)
    at require (internal/module.js:11:18)
    at /usr/local/lib/node_modules/npm/bin/npm-cli.js:19:21
    at Object.<anonymous> (/usr/local/lib/node_modules/npm/bin/npm-cli.js:92:3)
    at Module._compile (module.js:641:30)
    at Object.Module._extensions..js (module.js:652:10)
    at Module.load (module.js:560:32)
    at tryModuleLoad (module.js:503:12)

This happens in both of these situations:

1. After running npm install -g local-ssl-proxy
2. After cloning the git repo and running npm install

I'm trying to proxy to GWT codeServer:

1. Start proxy with local-ssl-proxy --source 9899 --target 9876
2. Browser sends request 'https://127.0.0.1:9899/recompile/Mbo?locale=ru&user.agent=safari&_callback=__gwt_bookmarklet_globals.callbacks.c0'
3. codeServer handles it and starts processing
4. in console message Request failed to proxy: ECONNRESET appears
5. looks like codeServer receives request again. It starts processing

If I try send same request using curl, it prints after some seconds
curl: (56) SSLRead() return error -9806

MacOS, El Capitan

Would you be able to add headers like X-Forwarded-Proto and the like?

Thanks

Hi there @cameronhunter

Huge thanks for putting this together. Dependabot found a vulnerability in underscore@~1.6.0 via a transitive dependency on [email protected].

I see that nomnom is 10 years old and unmaintained, any plans to update packages?

If not, do you have time to review and merge a fix if I put in the work?

I am using this for a project and I am currently on version 1.3.0 and the newest release is 2.0.5 and I have no idea what the changes are and what's a breaking change. Can you add release notes between the major and minor releases?

I use the following command to start proxy: npx local-ssl-proxy
Certificate was working for me for a long time. But now I started to get following error:
Your connection isn't private
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards).
NET::ERR_CERT_AUTHORITY_INVALID

Looks like certificate is broken.

Thanks!

Hi team,

I cannot figure out a way to make a proxy with Custom DNS like
https://dev.mysite.com:3000 => http://dev.mysite.com:3000

Do you think it's possible to do? Note: I added the DNS into my hosts file already

As described in this Stack Overflow question (https://stackoverflow.com/questions/74669095/npm-install-fails-with-command-not-found-only-with-one-package), I'm having a problem installing this library ... and only this library.

When I try to, I get a "Command not found" error, which should translate into "you don't have npm installed idiot" ... but I can install other libraries (including ones with hyphens in their names) just fine.

It really looks like a problem with my system, but since it seems exclusive to this library I thought I'd check and see if this was somehow a (very strange) known issue.

local-ssl-proxy is causing security vulnerability warnings coming from the nomnom dependency.

It looks like this has already been addressed over a month ago in #106 (thanks @dooart) but the changes still haven’t been published to npm (https://www.npmjs.com/package/local-ssl-proxy).

If someone can publish the latest changes it would be much appreciated.

The browsers do not trust the self-signed certificate.

Can the CLI be used to generate a self-signed certificate file first so that we can trust it in the keychain manually?
And in the CLI, we can specify the generated certificate file that the system trusts it?

This package don't run.

$ local-ssl-proxy --source 9001 --target 9000

Started proxy: https://localhost:9001 → http://localhost:9000
Request failed to proxy: ECONNREFUSED

I saw another issue here for the same bug but that was opened in 2017 for Node.js version 17 originally. Today I upgraded to Node.js 18 and I see that I'm getting the same issue. Basically, when I try to run local-ssl-proxy --source 3000 --target 3001 I get the following response:

And in the console log:
Request failed to proxy: ECONNREFUSED
I've tried add NODE_OPTIONS=--dns-result-order=ipv4first in front of the command but it still fails.

Hey ! I use local-ssl-proxy a lot for my dev projects. The only drawback is that I'm always creating new .pem certificate files, so I think it would be interesting to have a global configuration.

For example, to avoid adding the two flags --key and --cert, local-ssl-proxy could check the ~/.local-ssl-proxy/ folder to find a certificate. This would make things simpler

That's just an idea, tell me what you think. Have a nice day 😃

The readme on npmjs seems to have an old example conf file, it won't currently work with that version because of the missing key lines.

SHA-1 has "can" already be "broken" so it would be good to stay with the times and upgrade the cert :)

Hi,

On Safari iOS 12.4, i get the following error when i try to connect to a web socket server on my local network :

WebSocket network error: The operation couldn’t be completed. (OSStatus error -9807.)

It seems that the self signed certificate are not accepted for ws communications.

I tried to validate the certificate manually by opening the web socket server as a web page in a new tab. The web page is displayed correctly but the wss establishment still fail.

Any idea ?

Using a config.json (per the instructions) fails where all details aren't provided, e.g:

{
  "My proxy": {
    "source": 3001,
    "target": 3000
  },
  "Another proxy": {
    "source": 9999,
    "target": 9000
  }
}

throws an error:

node:internal/fs/utils:671
    throw new ERR_INVALID_ARG_TYPE(propName, ['string', 'Buffer', 'URL'], path);
    ^

TypeError [ERR_INVALID_ARG_TYPE]: The "path" argument must be of type string or an instance of Buffer or URL. Received undefined
    at Object.openSync (node:fs:577:10)
    at Object.readFileSync (node:fs:453:35)
    at Object.<anonymous> (node_modules/local-ssl-proxy/build/main.js:25:31)
    at Module._compile (node:internal/modules/cjs/loader:1105:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1159:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:77:12)
    at node:internal/main/run_main_module:17:47 {
  code: 'ERR_INVALID_ARG_TYPE'

Providing an SSL cert runs the proxy, but with undefined for the host:

Started My Proxy: https://undefined:3001 → http://undefined:3000

The certificate provided expires on 11th of January 2023.
Please consider updating the certificate.

python3 -m http.server --bind localhost 9000
sudo local-ssl-proxy --source 443 --target 9000

✔️

python3 -m http.server --bind 127.0.0.1 9000
sudo local-ssl-proxy --source 443 --target 9000

❌
Request failed to proxy: ECONNREFUSED

It would be very nice if you could get a certificate that does not trigger the browser warnings.

Hey ! I need to setup SSL certificate on local domain, I think it can be cool to proxy multiple hostnames