sslip.io

Turn your red lock into a green lock!

2015-09-12: This service is no longer available. The original certificate for the sslip.io domain has been revoked and a new one issued on the condition that the private key not be published. Pivotal Software employees may access the key via Google Drive. If you're interested in deploying a custom version of sslip.io, follow these instructions.

What is it?

sslip.io is a means for developers to test against valid SSL certificates without the bother of purchasing them. Two components make this possible:

a special DNS backend that maps crafted hostnames to IP addresses (e.g. 192-168-0-1.sslip.io resolves to 192.168.0.1) (similar to xip.io)
a wildcard SSL certificate for *.sslip.io and the corresponding key, both downloadable from GitHub

Install the certificate and key on the server, modify the server's configuration to use the certificate and key, and restart the daemon. After that, browse the server using the sslip.io hostname via HTTPS (e.g. https://52-0-56-137.sslip.io) and receive a valid SSL connection (green lock), all in a matter of seconds.

How do I use it?

First, find your server's IP address to determine its sslip.io hostname

Your server's sslip.io hostname is a mash-up of your server's IP address and the sslip.io domain. Here are some examples:

Server's IP Address	sslip.io Hostname
127.0.0.1	127-0-0-1.sslip.io
192.168.1.80	192-168-1-80.sslip.io
172.16.0.80	172-16-0-80.sslip.io
52.0.56.137	52-0-56-137.sslip.io

Second, download sslip.io's SSL certificate and key from GitHub

Download the SSL key (sslip.io.key.pem) and wildcard SSL certificate chain (sslip.io.chained.crt.pem) from GitHub. You may use curl if you prefer the command line:

curl -OL https://raw.githubusercontent.com/cunnie/sslip.io/master/ssl/sslip.io.key.pem
curl -OL https://raw.githubusercontent.com/cunnie/sslip.io/master/ssl/sslip.io.chained.crt.pem

Third, configure the webserver with the SSL certificate & key

Configure the server's configuration file's SSL portion to use the SSL certificate & key downloaded from GitHub. Here is a sample from sslip.io's webserver's nginx.conf (modified for clarity):

server {
  listen              443 ssl;
  ssl_certificate     /etc/ssl/sslip.io.chained.crt.pem;
  ssl_certificate_key /etc/ssl/sslip.io.key.pem;

Here's a similar configuration for Apache 2.4's httpd-ssl.conf:

Listen 443
SSLCertificateFile "/etc/ssl/sslip.io.chained.crt.pem"
SLCertificateKeyFile "/etc/ssl/sslip.io.key.pem"

Finally, restart your webserver and browse to its sslip.io address via HTTPS

Browse to your webserver's sslip.io hostname, e.g. https://52-0-56-137.sslip.io (assuming that 52.0.56.137 is the IP address of your webserver, which it isn't because that's the IP address of our webserver). Admire the beautiful green lock in your browser's address bar.