This project provides a simple setup for running a local Nginx web server with a browser-trusted SSL certificate for HTTPS. It uses Docker Compose for service management and mkcert for certificate creation.
This setup is ideal for local development of web applications that require a secure context (https://) without the browser's "Your connection is not private" warnings.
Before you begin, ensure you have the following installed on your system:
- Docker
- Docker Compose
- mkcert (A simple tool for making locally-trusted development certificates)
brew install mkcert
.
├── certs/
│ ├── localhost.crt
│ └── localhost.key
├── docker-compose.yml
├── html/
│ └── index.html
├── nginx/
│ └── conf.d/
│ └── default.conf
└── README.md
certs/: Stores the SSL certificate and private key generated bymkcert.docker-compose.yml: Defines and configures the Nginx service.html/: Contains the static website files served by Nginx.nginx/conf.d/: Holds the Nginx server block configurations.
You only need to do this once per machine. This command installs a new local CA into your system's trust stores, making any certificates it generates trusted by your browsers.
mkcert -installNavigate to the root of this project directory. The following command will generate a certificate (localhost.crt) and a private key (localhost.key) inside the certs/ directory.
The certificate will be valid for localhost, 127.0.0.1, and ::1.
# Create the directory if it doesn't exist
mkdir -p certs
# Generate the certificate
mkcert -key-file ./certs/localhost.key -cert-file ./certs/localhost.crt "localhost" 127.0.0.1 ::1With the certificates generated, you can now start the Nginx container using Docker Compose.
docker compose up -dOpen your browser and navigate to https://localhost.
You should see the static page served securely over HTTPS, with a valid certificate lock icon in the address bar and no security warnings.
To stop and remove the Nginx container, run:
docker compose down