Use https for local development

[ggetz]

There are certain newer browser features that will not work using http and require https instead. Moving to https/2 may also give us a performance benefit when developing locally.

[ptrgags]

Just a note, if we do something like this, it might be a good idea to document some tips for serving static files locally over HTTPS, since the browser complains when you mix HTTPS and HTTP.

Why? I find it useful to host my local tilesets/glTF models from a separate static server (to avoid accidentally committing large files, and because I have multiple clones of cesium for my work + reviewing PRs). I tend to use the npm module http-server since it's easy to set up.

In my case, using HTTPS locally wouldn't be hard but requires a couple more steps:

• Create a self-signed certificate (e.g. via OpenSSL, though I see there's now a mkcert tool for this after reading here's one article on this). Obviously this should be done with care, restrict it to localhost only, etc.
• update the static server to server over HTTPS, this requires referencing the generated .pem file. for me it looks like that would be http-server --ssl --cert cert.pem but obviously varies depending on the server.

Not too hard to set up, but would be good to document best practices for newcomers. SSL isn't always obvious if you haven't seen it before.