Enable HTTPS for a VIP Local Development Environment

By default, VIP Local Development Environment URLs resolve with HTTP rather than HTTPS, the secure browsing protocol. When developing locally, some users may have a need for URLs to resolve at HTTPS (e.g. applications with payment integrations). For HTTPS to work as expected, a trusted digital certificate issued by a certificate authority (CA certificate) for the local environment must be added to the user’s machine.

1. Identify the absolute local path of the CA certificate

Once a VIP Local Development Environment has been created, a CA certificate will be located on the user’s local machine.

Example local paths for the CA certificate vipdev.lndo.site.pem for a current user named “example-user”:

macOS: /Users/example-user/.local/share/vip/lando/certs/vipdev.lndo.site.pem
Windows: C:\Users\example-user\.local\share\vip/lando\certs\vipdev.lndo.site.pem
Ubuntu: /home/example-user/.local/share/vip/lando/certs/vipdev.lndo.site.pem

2. Configure the local machine to trust the CA certificate

The exact commands needed to trust the CA certificate will differ depending on the local machine’s operating system. Refer to Lando’s documentation for trusting the CA certificate for for macOS, Windows, and Debian command examples. When using the command examples in Lando’s documentation, substitute the path of the Lando certificate with the absolute local path of the CA certificate identified in Step 1.

Using the macOS path example from Step 1, and the command examples in Lando’s documentation, the command to trust the CA certificate would be:

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /Users/example-user/.local/share/vip/lando/certs/vipdev.lndo.site.pem

If the command is successful, the CA certificate will apply to a running local environment immediately without needing to restart. The trusted CA certificate will persist and can be used by all other VIP Local Development Environments that are created on that machine.