petters

It will still work on localhost, which is nice. It would be nice if it also worked on local IPs, like 192.168... Those do not work on Chrome, I think, which make mobile testing a bit more cumbersome.

hannob

> It would be nice if it also worked on local IPs, like 192.168...

That would defeat the security purpose.

Anyone within your local network (which practically speaking very often means the next Wifi your device could find) could attack you.

mort96

But how do you do local development when you can't get an SSL cert for your dev machine's server? No, self signed certs don't always do what you need, especially on mobile where you can't just add your cert as a trusted cert easily.

comex
If you own a domain, you can add a subdomain that points to the local network IP, and get Let's Encrypt to give you a certificate using the dns-01 validation method (which doesn't require Let's Encrypt to actually access the IP address in the A record).

This is clearly more complicated than ideal, but it should work.

Edit: You can also use a custom CA root certificate, which can be installed on iOS etc. mkcert is a good starting point:

https://github.com/FiloSottile/mkcert