Developer Guide

Written by Casper Fenger Jensen • Updated 2026-04-14

How to Run Node.js, Express, Fastify, or NestJS Dev on HTTPS

Run a local Node.js server behind a real HTTPS URL without wiring custom TLS code into your app. Bore works well for Express, Fastify, NestJS, and custom Node servers.

Many Node.js developers search for HTTPS dev setup when what they really need is a secure public URL for callbacks, cookies, browser APIs, or partner testing. Bore lets the local Node server stay simple on localhost while HTTPS terminates at the Bore edge.

how to https node run devhttps express localhostfastify https devnestjs local https

Install Bore

curl -sL https://bore.dk/install.sh | bash

Works with common Node frameworks

Avoids custom cert files in app code

Useful for callbacks, webhooks, and secure browser flows

How It Works

Simple local workflow, real HTTPS externally

Step 1

Start the Node server normally

Run Express, Fastify, NestJS, Hono, or a custom Node server on a local port like 3000.

Step 2

Expose it with Bore

Bore creates the public HTTPS URL while the local Node process keeps listening on localhost.

bore up 3000

Step 3

Use the HTTPS URL in integrations

Point auth callbacks, browser clients, webhook senders, or QA flows at the Bore hostname.

Step 4

Reserve a child host for a second service if needed

If the API or admin surface should use a second origin, Bore can route a child host to another local port.

bore host add <namespace> api
bore host set-port <namespace> api 3001

Where Bore Differs

Bore can keep HTTPS on reserved child hosts too

Most tunnel workflows stop at one public hostname. Bore can keep your main app on one HTTPS namespace and reserve a child host like `api.<namespace>.bore.dk` for a second local service.

bore host add <namespace> api
bore host set-port <namespace> api 3001

That matters when frontend and API origins need to stay separate in local development, or when webhook, auth, and admin traffic should not all share one hostname.

FAQ

Common questions

Do I need https.createServer for local Node dev?

Only if the Node process itself must terminate TLS locally. For many development flows, Bore can provide HTTPS without changing the app server code.

Can I use this with Express, Fastify, and NestJS?

Yes. Bore sits in front of the local server, so it works with the common Node.js web frameworks.

Can the frontend and API use separate HTTPS origins?

Yes. Bore supports reserved child hosts like api.<namespace>.bore.dk and can route them to a different local port.

Related Guides

More HTTPS development guides

View all guides

How to Put a React App on HTTPS in Development

Expose a React development app over HTTPS for secure browser APIs, embedded flows, mobile testing, and auth callbacks without setting up local certificate chains.

How to Run Next.js Dev on HTTPS

Use Next.js locally with a real HTTPS URL for auth flows, secure cookies, preview links, and webhook callbacks. Bore exposes Next.js dev over HTTPS without local certificate setup.

How to Use Vite on HTTPS Locally

Test a Vite app over HTTPS without switching your development workflow to custom local certificates. Bore gives your Vite dev server a real HTTPS URL in one step.

How to Expose a Local API Over HTTPS

Put a local API on a real HTTPS URL for browser clients, mobile apps, webhook callbacks, and partner integrations without adding local TLS complexity.