Developer Guide

Written by Casper Fenger Jensen • Updated 2026-04-14

HTTPS for Child Subdomains in Local Development

Bore lets you expose a local app on one HTTPS hostname and a second local service on a reserved child host like api.bo.bore.dk. That makes app and API origin splits much easier in development.

This is the Bore feature that matters when one public URL is not enough. If your namespace is `bo.bore.dk`, Bore can also reserve `api.bo.bore.dk` and keep HTTPS on that child host while routing it to a different local port.

https custom subdomain tunnelssl child subdomain localhostapi subdomain https local dev

Install Bore

curl -sL https://bore.dk/install.sh | bash

Keep app and API on separate HTTPS origins

Reserve child hosts under the same namespace

Route each child host to its own local port

How It Works

Simple local workflow, real HTTPS externally

Step 1

Create the main tunnel

Start your main app on localhost and expose it with Bore.

bore up 3000

Step 2

Reserve the child host

If your namespace is `bo`, reserve `api.bo.bore.dk` with the host add command.

bore host add bo api

Step 3

Route the child host to a different port

Point the child host at a backend, API server, or another local service.

bore host set-port bo api 3001

Step 4

Use the split HTTPS origins in development

Keep the frontend on `https://bo.bore.dk` and the API on `https://api.bo.bore.dk` without local certificate gymnastics.

Where Bore Differs

Bore can keep HTTPS on reserved child hosts too

Most tunnel workflows stop at one public hostname. Bore can keep your main app on one HTTPS namespace and reserve a child host like `api.<namespace>.bore.dk` for a second local service.

bore host add <namespace> api
bore host set-port <namespace> api 3001

That matters when frontend and API origins need to stay separate in local development, or when webhook, auth, and admin traffic should not all share one hostname.

FAQ

Common questions

What makes Bore different from other dev tunnels?

Bore can reserve HTTPS child hosts under your namespace and route them independently. That is useful when the main app and API need different origins during development.

Can I add HTTPS to api.bo.bore.dk in Bore?

Yes. After the namespace is reserved, Bore can reserve child hosts such as api.bo.bore.dk and route them to a chosen local port.

Why is child-host HTTPS useful in development?

It helps when your app depends on separate frontend and API origins, domain-based auth rules, or multi-service local environments that need realistic hostnames.

Related Guides

More HTTPS development guides

View all guides

How to Split Frontend and API Origins in Local HTTPS Development

Keep the frontend and API on separate HTTPS origins in local development so you can test CORS, cookies, auth rules, and realistic host-based behavior.

How to Expose a Local API Over HTTPS

Put a local API on a real HTTPS URL for browser clients, mobile apps, webhook callbacks, and partner integrations without adding local TLS complexity.

How to Open Localhost on HTTPS From Your Phone or Another Device

Test a local app or API on a phone, tablet, or another laptop over HTTPS without opening your whole machine to the internet or sharing raw LAN URLs.

How to Put a Local Website on HTTPS

Expose a local website over HTTPS without managing local certificates. Bore gives localhost a real HTTPS URL for browser testing, callbacks, and webhook flows.