getUserMedia - Secure Origins

In the latest release of Google Chrome, Google has enforced a rule that they had previously stated they would which requires that any page requesting camera or microphone access through "getUserMedia" be delivered from localhost or a server serving pages with HTTPS. [1], [2]


HTTPS is a "secure" version of HTTP. It uses SSL or TLS to encrypt the contents of HTTP. Traditionally it has been used for banking and other more sensitive content, now it's use is widespread.

Normally to serve pages with HTTPS you need to get certificate that verifies your identity from a Certificate Authority.

At ITP we purchased a "wildcard" certificate which can be used on any server that uses the domain. I went ahead and created a DNS entry for each of you that sent me your net-id and server IP. This means that if you install and use our certificate (which I'll email) correctly, you can serve your pages via without hassle.

Down the road, you might want to checkout Let's Encrypt, a new service which provides free certificates.

More about Public Key Cryptography: Public Key Cryptography: Diffie-Hellman Key Exchange

Using HTTPS with Node.js

Fortunately, node has a drop in replacement for the "http" library called "https". Here is a basic https webserver example:

var https = require('https');
var fs = require('fs'); // Using the filesystem module
var url =  require('url');

var options = {
  key: fs.readFileSync('my-key.pem'),
  cert: fs.readFileSync('my-cert.pem')

function handleIt(req, res) {
	var parsedUrl = url.parse(req.url);

	var path = parsedUrl.pathname;
	if (path == "/") {
		path = "index.html";

	fs.readFile(__dirname + path,

		// Callback function for reading
		function (err, fileContents) {
			// if there is an error
			if (err) {
				return res.end('Error loading ' + req.url);
			// Otherwise, send the data, the contents of the file
	// Send a log message to the console
	console.log("Got a request " + req.url);

var httpServer = https.createServer(options, handleIt);

If you use this in place of a regular http version of our servers, the getUserMedia requests will work.