From 3469a07841114bdf599dbdc3770b14d8d590bc33 Mon Sep 17 00:00:00 2001
From: Sean Hammond <git@seanh.cc>
Date: Thu, 9 Apr 2015 15:54:34 +0100
Subject: [PATCH] Add docs for serving ssl in development

---
 docs/HACKING.rst | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/docs/HACKING.rst b/docs/HACKING.rst
index 323ba7ae645..ccc7a2ab74b 100644
--- a/docs/HACKING.rst
+++ b/docs/HACKING.rst
@@ -206,3 +206,25 @@ embedded in the page.
 
 The full range of possibilities here is still in need of documentation and we
 would appreciate any help to improve that.
+
+
+Serving h over SSL in development
+---------------------------------
+
+If you want to annotate a site that's served over https then you'll need to
+serve h over https as well, otherwise the browser will refuse to launch h and
+give a mixed-content warning.
+
+To serve your local dev instance of h over https:
+
+1. Generate a private key and certificate signing request::
+
+    openssl req -newkey rsa:1024 -nodes -keyout key.pem -out req.pem
+
+2. Generate a self-signed certificate::
+
+    openssl x509 -req -in req.pem -signkey key.pem -out server.crt
+
+3. Run ``gunicorn`` with the ``certfile`` and ``keyfile`` options::
+
+    gunicorn --reload --paste conf/development.ini --certfile=server.crt --keyfile=key.pem