Samuel Williams

Interesting, I'll probably need to take a closer look. Thanks for reporting back.

Can you let me know what version of falcon you are using?

Can you show me your current `falcon.rb` configuration? Yes, by default it will use `ssl/` directory for certificates. https://github.com/socketry/falcon/blob/master/lib/falcon/configuration/tls.rb#L31-L38 So, is it working, or you still having the same issues?

The `tls` environment should be sufficient. Can you try using `curl --insecure` and see what it prints out?

I see what's going on. The normal TLS termination is at the falcon virtual load balancer. `falcon host` by default is for the internal termination. So, you forced it to...

`falcon serve` does not use `falcon.rb`, it only looks at `config.ru`. `falcon.rb` is only used by `falcon host` which is a more complex mechanism that supports multiple hosts, rolling restarts,...

It's not well documented I guess since you didn't find it but it is explained here too: https://github.com/socketry/localhost#self-signed-localhost

Yes this is a totally acceptable way to do it. That `.localhost` directory is considered a place for your local development certificates.

I will check this tomorrow.

Sorry, I lost track of this issue. I'll take a look at my earliest convenience.