Make Local Development Feel Like Production: HTTPS for Custom Domains in Next.js

2026-01-28 . 0 min read

Why Secure Features Fail Locally

Local development often feels too “fake.” Cookies don’t set, authentication breaks, and subdomains behave differently; All because browsers enforce HTTPS, even locally. Next.js’ --experimental-https helps, but only for localhost. Custom domains? Forget it.

The fix is simple: mkcert + a custom HTTPS server. Generate trusted certificates for your local domain and run Next.js behind HTTPS:

import https from 'https';
import fs from 'fs';
import next from 'next';

const app = next({ dev: true, hostname: 'custom.localdomain.com', port: 3000 });
const handle = app.getRequestHandler();

app.prepare().then(() => {
  https.createServer(
    {
      // the certificates are generated on the same directory where you run mkcert
      key: fs.readFileSync('./certs/custom.localdomain.com-key.pem'),
      cert: fs.readFileSync('./certs/custom.localdomain.com.pem'),
    },
    (req, res) => handle(req, res)
  ).listen(3001, () => console.log('https://custom.localdomain.com:3000'));
});

Then instead of running next dev run this server file to start the dev server.

Hey I assume you finished reading, I would love to know your feedback or if found any error or mistake in this blog post, please do not hesitate to reach out to me.