{"id":13471,"library":"live-server-https","title":"Live Server HTTPS Options","description":"This package (`live-server-https`) provides `tls.createServer` options, including a pre-generated SSL/TLS certificate, to enable HTTPS for local development servers, primarily with `live-server`. It aims to simplify the setup of HTTPS on localhost without manual certificate generation. The current version is 0.0.2. Given its low version number and lack of updates on its GitHub repository since November 2022, its release cadence is non-existent, and it appears to be an abandoned project. Its key differentiator is providing a plug-and-play certificate for `tls.createServer`, specifically designed for integration with `live-server`'s `--https` flag, which expects a module path. However, the pre-generated certificate is not from a trusted authority, leading to browser warnings.","status":"abandoned","version":"0.0.2","language":"javascript","source_language":"en","source_url":"https://github.com/pirtleshell/live-server-https","tags":["javascript","live-server","serve","localhost","https","ssl","tls","certifcate","createServer"],"install":[{"cmd":"npm install live-server-https","lang":"bash","label":"npm"},{"cmd":"yarn add live-server-https","lang":"bash","label":"yarn"},{"cmd":"pnpm add live-server-https","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"This package is designed to provide HTTPS options specifically for the `live-server` development server. While not a direct `package.json` dependency, it's the primary intended use case for its functionality.","package":"live-server","optional":true}],"imports":[{"note":"The package exports a simple options object for `tls.createServer`. The `require` syntax is shown in the README, but ESM `import` is the modern approach.","wrong":"const https = require('live-server-https')","symbol":"https","correct":"import https from 'live-server-https';"},{"note":"This is a Node.js built-in module. While the `require('tls')` pattern is used in the example, direct named import is also valid in ESM contexts for built-in modules.","wrong":"const tls = require('tls'); const createServer = tls.createServer;","symbol":"createServer","correct":"import { createServer } from 'tls';"}],"quickstart":{"code":"const tls = require('tls');\nconst httpsOptions = require('live-server-https');\n\nconst server = tls.createServer(httpsOptions, (socket) => {\n  console.log('server connected', socket.authorized ? 'authorized' : 'unauthorized');\n  socket.write('welcome!\\n');\n  socket.setEncoding('utf8');\n  socket.pipe(socket);\n});\n\nserver.listen(8000, () => {\n  console.log('HTTPS server bound on port 8000');\n});\n\n// Example of how to use with live-server from CLI (after global install):\n// live-server --https=/usr/local/lib/node_modules/live-server-https --port=8080\n// (adjust path based on your global npm installation)\n","lang":"javascript","description":"Demonstrates programmatic use of the `live-server-https` options object with Node.js's `tls.createServer` to start an HTTPS server, and illustrates the command-line usage with `live-server`."},"warnings":[{"fix":"This is a security feature, not a bug. For development, accept the browser warning. For production, use a trusted CA-issued certificate.","message":"When accessing the HTTPS server in a browser, a 'certificate not from a trusted authority' warning will appear. This is expected as the certificate is self-signed and not issued by a recognized Certificate Authority. Users must manually 'unsafely proceed' or add an exception.","severity":"gotcha","affected_versions":">=0.0.1"},{"fix":"Consider using alternative, actively maintained solutions for HTTPS development servers like `http-server` with custom certificates, or the built-in HTTPS options of `live-server` if updated, which allows specifying `cert` and `key` files.","message":"The `live-server-https` package appears to be abandoned, with no new releases or code contributions since November 2022 and a very early version number (0.0.2). This means it will not receive updates for security vulnerabilities, bug fixes, or compatibility with newer Node.js versions or `live-server` releases. Relying on this package for any critical development is risky.","severity":"breaking","affected_versions":">=0.0.2"},{"fix":"For production or shared development environments, always generate your own unique SSL/TLS certificates using tools like OpenSSL or obtain them from a trusted Certificate Authority.","message":"The pre-generated certificate included with this package is valid until the year 3017. While this is an extremely long validity period, in real-world scenarios, using pre-generated or self-signed certificates for anything beyond simple local development is a security risk due to potential key exposure or lack of trust.","severity":"gotcha","affected_versions":">=0.0.1"}],"env_vars":null,"last_verified":"2026-04-19T00:00:00.000Z","next_check":"2026-07-18T00:00:00.000Z","problems":[{"fix":"Locate the correct global path by running `npm -g ls live-server-https` and then construct the full path for the `--https` flag, e.g., `live-server --https=$(npm root -g)/live-server-https` or `live-server --https=./node_modules/live-server-https` if installed locally.","cause":"The `--https` flag for `live-server` expects a path to the module, and the exact global installation path can vary between npm versions or operating systems.","error":"Error: Cannot find module 'live-server-https' or similar path errors when using live-server --https"},{"fix":"Click 'Advanced' or 'Proceed to unsafe/untrusted site' in your browser to bypass the warning for local development. This is expected behavior for self-signed certificates.","cause":"The certificate provided by `live-server-https` is self-signed and not issued by a trusted Certificate Authority, which causes browsers to warn users about potential security risks.","error":"Browser displaying 'Your connection is not private' or 'NET::ERR_CERT_AUTHORITY_INVALID'"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null,"pypi_latest":null,"cli_name":"","cli_version":null}