getUserMedia - Secure Origins

In the latest release of Google Chrome, Google has enforced a rule that they had previously stated they would which requires that any page requesting camera or microphone access through "getUserMedia" be delivered from localhost or a server serving pages with HTTPS. [1], [2]


HTTPS is a "secure" version of HTTP. It uses SSL or TLS to encrypt the contents of HTTP. Traditionally it has been used for banking and other more sensitive content, now it's use is widespread.

Normally to serve pages with HTTPS you need to get certificate that verifies your identity from a Certificate Authority.

At ITP we purchased a "wildcard" certificate which can be used on any server that uses the domain. I went ahead and created a DNS entry for each of you that sent me your net-id and server IP. This means that if you install and use our certificate (which I'll email) correctly, you can serve your pages via without hassle.

Down the road, you might want to checkout Let's Encrypt, a new service which provides free certificates.

More about Public Key Cryptography: Public Key Cryptography: Diffie-Hellman Key Exchange

Using HTTPS with Express and Node.js

Fortunately, node has a drop in replacement for the "http" library called "https". Here is a basic https webserver example with Express:

// We need the file system here
var fs = require('fs');
// Express is a node module for building HTTP servers
var express = require('express');
var app = express();

// Tell Express to look in the "public" folder for any files first

// If the user just goes to the "route" / then run this function
app.get('/', function (req, res) {
  res.send('Hello World!')

// Here is the actual HTTP server 
// In this case, HTTPS (secure) server
var https = require('https');

// Security options - key and certificate
var options = {
  key: fs.readFileSync('my-key.pem'),
  cert: fs.readFileSync('my-cert.pem')

// We pass in the Express object and the options object
var httpServer = https.createServer(options, app);

// Default HTTPS port
If you use this in place of a regular http version of our servers, the getUserMedia requests will work.