Offline content using Kiwix

work in progress

https to http proxy

Kiwix can only serve certain zim files via http, due to the way those files are constructed. However, if those zim files include content that was originally served via https, modern browsers will refuse to load it via http. So you need a local https to http proxy. Then you can point your prowser to an https server running locally, which forwards everything to the regular Kiwix http server, also running locally.

Generate self-signed certificate, valid for 1 day.

openssl req -x509 -newkey rsa:4096 -keyout - -out - -sha256 -days 1 -nodes -subj "/CN=localhost" > server.cert

Start your local https-to-http proxy, using socat. Disable client certificates by issuing verify=0. Assume that kiwix is listening on port 8080.

socat ssl-l:1443,reuseaddr,fork,cert=server.cert,verify=0 tcp4:localhost:8080

Check that everything works:

curl -k https://localhost:1443

Now point your browser to https://localhost:1443, double check the warning message and inspect the certificate before "accepting the risk".

benthor last updated this page on