mTLS support to run URLs over HTTPS served from localhost

How can I set up certificates to run webapps over HTTPS that are being served from my local machine?

Are you looking for client cert authentication?

Hi @sanjeev ,

I tried this but I wasn’t able to make it work. For now I’m using onSslError to bypass this issue, but I was wondering how I can make it work properly.

I have my PEM files set up with my local server, but if I convert them to PKCS12 and then get the Base64 string, it still won’t work.

Converting PEM to PKCS12 and adding it as a Base64 string is what is expected. If possible, can you please help with how I can repro this at my end?

@sanjeev sure thing. So here’s what I did:

  1. Convert my PEM files to .p12

     openssl pkcs12 -export \
       -in myCert.pem \
       -inkey myKey.pem \
       -out newCertificate.p12 \
       -name "MyLocalCert" \
       -passout pass:randomPassword123

  2. Encode to Base64

     base64 -w 0 newCertificate.p12 > base64Certificate.p12.b64

  3. Copy and paste the Base64 string and password to handleWithPkcs12

     onClientCertAuthentication={(_, callback) => {
         callback.handleWithPkcs12({
               certificate: "<my base64 string>",
               password: "randomPassword123"
         });
     }}

@Devis - A few things to confirm, which would help us root-cause the issue:

  • If you bypass the SSL certification check using onSslError with your local server setup, does it work? That would confirm that the local server is correctly handling the SSL certification.
  • Once you converted the certificate from PEM to .PK12, did you try loading that certificate in your laptop's certificate toolchain and accessing the local URL from the laptop browser? If not, please try it out. This will help us confirm that the .PK12 was converted correctly.
  • If both of the above are correct, then I generally use the command below to extract the certificate details in string format from the .pk12 file and pass that to onClientCertAuthentication, and it should work.

openssl base64 -in ~/Download/bbc.pk12 -out bbc_cert

If the issue still doesn’t get fixed, then could you please share the .vpkg file and log for us to look into, to see what’s going on with the connection.
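
An added example, not part of the original thread: a shell check that the Base64 text from either encoding command above (`base64 -w 0` or `openssl base64`) decodes to a PKCS#12 bundle that opens with the password and whose private key matches the original PEM certificate. The function names, return codes and the throwaway self-signed certificate are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Needs openssl and GNU coreutils base64.

# p12_pubkeys <workdir> <bundle.b64> <password>: decode the Base64 text and
# write the bundle's certificate and private-key public keys into <workdir>.
p12_pubkeys() {
    # base64 -d ignores newlines, so one-line (base64 -w 0) and 64-column
    # wrapped (openssl base64) encodings decode to the same bytes.
    base64 -d "$2" > "$1/bundle.p12" 2>/dev/null || return 2
    # Both extractions fail if the password is wrong or the bundle is corrupt.
    openssl pkcs12 -in "$1/bundle.p12" -passin "pass:$3" -nokeys -clcerts \
        2>/dev/null | openssl x509 -noout -pubkey > "$1/cert.pub" 2>/dev/null ||
        return 3
    openssl pkcs12 -in "$1/bundle.p12" -passin "pass:$3" -nocerts -nodes \
        2>/dev/null | openssl pkey -pubout > "$1/key.pub" 2>/dev/null ||
        return 3
}

# check_p12_b64 <bundle.b64> <password> <original-cert.pem>
# Returns 0 = usable, 2 = bad Base64, 3 = cannot open, 4 = key/cert mismatch.
check_p12_b64() {
    work=$(mktemp -d) || return 1
    rc=0
    p12_pubkeys "$work" "$1" "$2" || rc=$?
    if [ "$rc" -eq 0 ]; then
        openssl x509 -in "$3" -noout -pubkey > "$work/orig.pub" 2>/dev/null
        cmp -s "$work/cert.pub" "$work/key.pub" &&
            cmp -s "$work/cert.pub" "$work/orig.pub" || rc=4
    fi
    rm -rf "$work"
    return "$rc"
}

# make_sample <dir>: constructed throwaway key and self-signed cert, bundled
# and encoded both ways shown in the thread (password is its example value).
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=localhost" \
        -keyout "$1/myKey.pem" -out "$1/myCert.pem" 2>/dev/null &&
    openssl pkcs12 -export -in "$1/myCert.pem" -inkey "$1/myKey.pem" \
        -out "$1/new.p12" -name "MyLocalCert" -passout pass:randomPassword123 &&
    base64 -w 0 "$1/new.p12" > "$1/oneline.b64" &&
    openssl base64 -in "$1/new.p12" -out "$1/wrapped.b64"
}

demo=$(mktemp -d) && make_sample "$demo" &&
    check_p12_b64 "$demo/oneline.b64" randomPassword123 "$demo/myCert.pem" &&
    echo "bundle OK"
rm -rf "$demo"
```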

Hi Rahul,

Sorry for the late response, I haven’t checked this yet. I will try this out and I’ll keep you posted.

And to confirm, yes, I can bypass the check with this:

onSslError={(_, callback) => {
    callback.proceed()
}}

Thank you!

Hi @Devis ,

Please let us know if you were able to check on the suggestions and if we can close this.

Thanks,
Rohit

Hi @Devis ,

We are closing this post for now.
If you have issues or questions, you can reply to this post within 14 days.
Post that, you can still create new posts if needed.

Thanks,
Rohit