HTTPS request are blocked

[nielsvangijzen]

Is it possible to expose the 443 port in order to test HTTPS routes?

[chilio]

Exposing 443 port is not sufficient for testing with HTTPS, although this is already done in :dev tag....
But Dusk testing will not work since WebServer in this package (NGINX) is not configured to handle SSL traffic and thus any communication via SSL will fail.
I am currently working on a solution for HTTPS testing, and it will be ready soon...

[nielsvangijzen]

I already thought it wasn't going to be that easy, thanks for the effort though it would help me out a lot!

[chilio]

Hey @nvangijzen here is what have been done so far in :dev image:

1. 443 port is exposed
2. Nginx configured with self signed certificate
3. New driver args configured in DuskTestCase.php:

            '--disable-gpu',
            '--headless',
            '--no-sandbox',
            '--ignore-certificate-errors',
            '--start-maximized',
        ]);

But unfortunately dusk is not passing although wget https://localhost --no-check-certificate renders properly....

I will investigate it more in depth in some spare time....

[chilio]

Unfotunately chromedriver argument --ignore-certificate-errors does not seem to work, which could enable us to proceed with self-signed certificates.
Testing your app without SSL, does not introduce any disadvantages in your dev environments.
Moreover you should test your app without https:// -> performance wise....
SSL termination is usually done by loadbalancers, so there is no need to doublecheck SSL functionality...
You can always embed SSL compliance, by installing proper SSL certificate, for certain site in nginx, using ubuntu commands in your .gitlab-yml.
Taking into consideration, notes obove, I am closing this issue....