Skip to main content

Encrypting Localhost Traffic

On Windows and Linux, Eggplant Studio shows a notification the first time it gets opened in the sidebar. The notification prompts you whether you want to enable encryption for localhost network traffic using self-signed certificates. While not strictly necessary, encrypting localhost traffic with HTTPS offers some security benefits.

Upon accepting the prompt, Eggplant Studio generates self-signed certificates and attempts to import them into the system's trust store. Afterwards, it launches the Eggplant Gateways (EPGW) process, which uses the certificates to encrypt the connection-related traffic between Eggplant Studio and EPGW. If the EPGW process fails to enable HTTPS, it will fall back to using HTTP.

note

On Windows and Linux, you can enable encryption by running the >Eggplant Studio: Enable Self Signed Certificates command.

On Mac, you must bring your own trusted certificates.

Troubleshooting Issues with Localhost Encryption

If you accepted the notification and that resulted in proxy or certificate errors when using the extension, you can follow the steps below to troubleshoot them.

You can either:

Disable encryption:

To troubleshoot, run the >Eggplant Studio: Disable Self Signed Certificates command to determine if encrypted traffic is causing issues. If this resolves the problem, it indicates that either VS Code or a proxy does not trust the certificate used by Eggplant Studio.

If there is no strict security requirement, you can continue using Eggplant Studio with certificates disabled.

Bring Your Own Trusted Localhost Certificates:

tip

This feature allows users to use their own certificates to encrypt the traffic in localhost on all Operating Systems.

Provide Eggplant Studio with a pair of localhost certificates (valid for 127.0.0.1, not public domains) that your system trusts by setting the following environment variables prior to lanching Visual Studio Code:

# Path to the PKCS8 PEM encoded certificate pair
EPGW_HTTPS_CERT_PATH=/path/to/public.crt
EPGW_HTTPS_KEY_PATH=/path/to/private.key
# Password for the private key if encrypted
EPGW_HTTPS_KEY_PASSWORD=some_password
note

To disable encryption, remove the environment variables and restart VS Code.