HMR does not work with proper SSL certificates

[l1x]

Describe the bug

I created a ZeroSSL certificate for the development environment because most browsers disabled http access to any domain other than localhost.

vite.config.ts

import { svelte } from '@sveltejs/vite-plugin-svelte'
import fs from 'fs'
import { defineConfig } from 'vite'

// https://vitejs.dev/config/
export default defineConfig({
  plugins: [svelte()],

  server: {
    https: {
      key: fs.readFileSync('./cert/app.loc.depoxy.dev.key.pem'),
      cert: fs.readFileSync('./cert/app.loc.depoxy.dev.crt.pem'),
    },
    hmr:{

    }
  },
  optimizeDeps: {
    exclude: ['@sveltestack/svelte-query'],
  },
})

Reproduction

This is reproducible

System Info

> npx envinfo --system --npmPackages '{vite,@vitejs/*}' --binaries --browsers

  System:
    OS: macOS 11.6.2
    CPU: (8) arm64 Apple M1
    Memory: 554.27 MB / 16.00 GB
    Shell: 3.3.1 - /opt/homebrew/bin/fish
  Binaries:
    Node: 14.18.1 - /opt/homebrew/opt/node@14/bin/node
    Yarn: 1.22.17 - /usr/local/bin/yarn
    npm: 8.1.0 - /opt/homebrew/bin/npm
  Browsers:
    Brave Browser: 98.1.35.101
    Safari: 15.0
  npmPackages:
    vite: ^2.6.4 => 2.8.3

Used Package Manager

yarn

Logs

Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Validations

• Follow our Code of Conduct
• Read the Contributing Guidelines.
• Read the docs.
• Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
• Make sure this is a Vite issue and not a framework-specific issue. For example, if it's a Vue SFC related bug, it should likely be reported to https:/vuejs/core instead.
• Check that this is a concrete bug. For Q&A open a GitHub Discussion or join our Discord Chat Server.
• The provided reproduction is a minimal reproducible example of the bug.

[l1x]

[CristianHG2]

FYI: This might be a duplicate of #1653

---

Experiencing the same issue here. Seems to come and go between reloads in my case, these are some of the patterns I've noticed if it helps anyone:

• Issue seems most prominent during the initial bootup of the dev server
• I'm guessing it's not framework/library-specific, we use React and experience the same errors
• Modules seem to be cached and are not re-built until a change happens
• A bulk of the errors we've seen happens during initial builds and re-builds of largely interconnected components

All in all, I'm thinking it could be some sort of timing mismatch between Vite's response/dispatch and ESBuild finishing. It also flares up when we have errors or under-performance from our linting plugins (TSLint/ESLint), which again affects timing which might play a role here.

I am going to spend some time looking at the net internals to see if I can find anything else of interest, but I'm not a network engineer so can't promise much lol.

Some potential workarounds/solutions:

• Best approach will probably be using a reverse proxy like Nginx and then using proxy_pass. This way you can receive TLS requests on your Nginx virtual site and you can then have Vite serve the response through Nginx, which should show at least an improvement given Vite seems to work perfectly without SSL/HTTP2 settings.

• I've also been able to mitigate the error significantly by implementing this server setting on my Vite config:

const viteBaseUri = 'https://baseuri.test/';

// I got this solution from another issue, unfortunately, I was unable to find the original issue I found it in. But unless I'm completely misunderstanding I believe this essentially forces Node's HTTP server to downgrade to HTTP 1.1

// There's also some additional solutions I haven't tried that are more oriented specifically towards HMR config here:  https:/vitejs/vite/issues/1653

export default defineConfig({
  server: {
    proxy: {
      [viteBaseUri]: viteBaseUri
    }
});

[sapphi-red]

I was not able to reproduce it with Vite 2.8.3 and 2.9.9.

Steps I did. I'm using Windows + Chrome.

1. Obtain ZeroSSL certs.
2. npm init vite with svelte
3. Change Vite to 2.8.3
4. npm i
5. use that cert
6. edit /etc/hosts to resolve domain to localhost
7. npm run dev
8. access mydomain:3000
9. Edit some files

[peterholcomb]

Was able to reproduce this with the vite-plugin-mkcert as well on a react project. Adding the above config from @CristianHG2 resolved this for me.

[garryshield]

i get the same issue with nestjs as api, vite+vue as frontend and nginx as proxy for both, after some research i get it work, i develop all those with docker and docker-compose, here is my setting, if someone needed.

/blog
    docker
        mongo
        nginx-api
            conf/conf.d/default.conf
        nginx-frontend
            conf/conf.d/default.conf
        nginx-backend
            conf/conf.d/default.conf
    docker-compose.yaml
    packages
        api
            Dockerfile
        backend
            Dockerfile
            vite.config.ts
        frontend
            Dockerfile
            vite.config.ts

// docker-compose.yaml
services:
  api:
    build:
      context: .
      dockerfile: ./packages/api/Dockerfile
      target: base
    image: "api:base"
    restart: on-failure
    volumes:
      - ./:/src
    ports:
      - 3000:3000
    depends_on:
      - mongo
    command: yarn workspace api start:dev

  backend:
    build:
      context: .
      dockerfile: ./packages/backend/Dockerfile
      target: base
    image: "backend:base"
    restart: on-failure
    volumes:
      - ./:/src
    ports:
      - 3001:3001
    depends_on:
      - api
    command: yarn workspace backend dev

  frontend:
    build:
      context: .
      dockerfile: ./packages/frontend/Dockerfile
      target: base
    image: "frontend:base"
    restart: on-failure
    volumes:
      - ./:/src
    ports:
      - 3002:3002
    depends_on:
      - api
    command: yarn workspace frontend dev


  mongo:
    image: "mongo"
    restart: on-failure
    volumes:
      - ./docker/mongo/conf:/etc/mongo
      - ./docker/mongo/data:/data/db
      - ./docker/mongo/init:/docker-entrypoint-initdb.d:ro
    ports:
      - 27017-27019:27017-27019
    environment:
      MONGO_INITDB_ROOT_USERNAME: XXX
      MONGO_INITDB_ROOT_PASSWORD: XXX
      MONGO_INITDB_DATABASE: blog
    command: --auth -f /etc/mongo/mongod.conf

  nginx-api:
    image: "nginx"
    restart: on-failure
    volumes:
      - ./docker/nginx-api/conf:/etc/nginx
      - ./docker/nginx-api/keys:/etc/nginx/keys
      - ./docker/nginx-api/html:/usr/share/nginx/html
      - ./docker/nginx-api/logs:/var/log/nginx
    ports:
      - 8080:80
      - 4430:443
    depends_on:
      - api

  nginx-backend:
    image: "nginx"
    restart: on-failure
    volumes:
      - ./docker/nginx-backend/conf:/etc/nginx
      - ./docker/nginx-backend/keys:/etc/nginx/keys
      - ./docker/nginx-backend/html:/usr/share/nginx/html
      - ./docker/nginx-backend/logs:/var/log/nginx
    ports:
      - 8081:80
      - 4431:443
    depends_on:
      - backend

  nginx-frontend:
    image: "nginx"
    restart: on-failure
    volumes:
      - ./docker/nginx-frontend/conf:/etc/nginx
      - ./docker/nginx-frontend/keys:/etc/nginx/keys
      - ./docker/nginx-frontend/html:/usr/share/nginx/html
      - ./docker/nginx-frontend/logs:/var/log/nginx
    ports:
      - 8082:80
      - 4432:443
    depends_on:
      - frontend

// packages/frontend/vite.conf.ts
...
    server: {
      host: true,
      port: env.VITE_PORT as unknown as number,
      hmr: {
        clientPort: 4432,
        path: '/wss'
      }
    }
...

// docker/nginx-frontend/conf/conf.d/default.conf
server {
    listen       80;
    listen  [::]:80;
    server_name  localhost;

    return 301 https://$host:4432$request_uri; 
}

server {
    listen       443 ssl;
    listen  [::]:443 ssl;
    server_name  localhost;

    ssl_certificate /etc/nginx/keys/fullchain.cer;
    ssl_certificate_key /etc/nginx/keys/romenote.com.key;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        # proxy_set_header HOST $host;
        # proxy_set_header X-Forwarded-Proto $scheme;
        # proxy_set_header X-Real-IP $remote_addr;
        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # proxy_set_header Access-Control-Allow-Origin *;
        # proxy_pass_request_headers on;
        # add_header Strict-Transport-Security "max-age=0;";
        
        proxy_pass http://frontend:3002;
    }

    location /wss {
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection upgrade;
        
        proxy_pass http://frontend:3002;
    }
}

[jny986]

I have just found that in order for Vite dev server to work in a docker container I needed to edit the files in the container directly then it will auto update on save,

[sapphi-red]

Closing as this wasn't able to reproduce and there isn't enough information.
If you still have not made it work, please create a new discussion or issue.

FYI Container related comments are not related to this issue.