[merb]

well h2 for development is really hard since basically you need to create a certificate, because no major browser implements h2 over plaintext. i mean a lot of people can live with that and just insert a development certificate into their trust chain, but some people do not understand that and others work in more restricted environments. so basically fully controlling and developing with h2 is basically not as easy as it was with http/1.

[pornel]

For server development the hard part is simulating realistic network conditions. For example, on localhost, you'll never witness any prioritization happening, because you'll never grow a queue of responses still waiting to be sent down.

[zamadatix]

Browser Dev tools pretty much cover that in one click these days.

[stereo]

Getting a valdid certificate with letsencrypt is, once you’re a tiny bit familiar with certbot, a matter of minutes.

[tlrobinson]

Has anyone just published a valid certificate for a domain name that resolves to 127.0.0.1?

[Ayesh]

For your own use, you can obtain a certificate via DNS validation, or by pointing your DNS A records to a server with a public IP.

When you publish the private key online, anyone can revoke the certificate, or the CA themselves will.