1

I'm trying to expose my local dev site through ngrok. My site uses https (on port 7443) and because I use OpenConnect for auth, I have a hostname setup in my windows hosts file (e.g. "127.0.0.1 aaa.bbb.ccc.com"). Locally I access the site through https://aaa.bbb.ccc.com:7443 (I can't change this or OpenConnect will break).

I have created a reserved domain in the ngrok dashboard, but I don't know how to create a CNAME entry - does this require another entry in the hosts file?

I'm trying to run ngrok with this command:

ngrok tls -hostname=aaa.bbb.ccc.com 7443

but it says I must provide a single argument. If I use

ngrok tls -hostname=aaa.bbb.ccc.com:7443

I get "Tunnel session failed: You must reserve a custom hostname for your account before it can be bound. Failed to bind the domain 'aaa' for the account 'xxxx' - it doesn't like the subdomains.

SturmUndDrang
  • 1,876
  • 5
  • 27
  • 47

1 Answers1

0

First, you should know that the hostname and tls options do not come with the free version of ngrok. If you are using the paid version, then this is what you need to do:

  • Reserve a domain in your dashboard and obtain the CNAME
  • If you have registered the domain in the internet, go to the site where you registered it and change the dns settings to allow your current subdomain to point to the CNAME from ngrok (From what I see, the domain is not an internet domain so this option might not work for you)
  • For a local domain, try pointing the domain to the ngrok CNAME in your host file "<CNAME> aaa.bbb.ccc.com"
  • Start up ngrok and point it to the port where your local server is running e.g ngrok tls -hostname=aaa.bbb.ccc.com:7443 if your server is running on 7443

NOTE: You might want to start the server with the http option instead of the tls option if you don't require a secured ssl connection (https)

Ken4scholars
  • 6,076
  • 2
  • 21
  • 38
  • I upgraded to the paid version to try this. I also tried adding the entry in my hosts file (using the ip address of CNAME), but that didn't work (502 bad gateway error). – SturmUndDrang Dec 16 '16 at 12:16
  • If you are using tls, then you need a signed certificate for the domain, else most services will not accept it (assuming you are trying to setup a web hook). I had this problem a few days ago, so tell me in details what you have done and the results you are getting, I might be able to help – Ken4scholars Dec 16 '16 at 17:28
  • I have a certificate issued to *bbb.ccc.com, which is installed in my IIS server. In the bindings for the site I am using this SSL certificate. Will I have to use TLS client termination so that ngrok knows about this cert? e.g. "ngrok tls -crt tls.crt -key tls.key 443" – SturmUndDrang Dec 19 '16 at 11:13
  • @Silverfox, if you run the IIS server with the certificate installed in it, then you don't need to run ngrok with the certificate. As long as you are using a different hostname will allow the IIS server to terminate the connection. So assuming IIS is running on port 443, then run ngrok like this. `ngrok tls -hostname=aaa.bbb.ccc.com:443` Make sure that the CNAME you got from ngrok points to aaa.bbb.ccc.com exactly. I assume you have already changed your dns settings in the internet to allow your subdomain to point to the CNAME you got from ngrok. – Ken4scholars Dec 19 '16 at 21:15