Toggle an LED with Real HTTPS to Raspberry PI- No Public IP


The first thing you need to figure out is what you'd like to make: a garage door opener, a gate opener, a temperature recorder, or light controller, etc.

You may want to be able to access the device, not only over your local network but over the Internet so that it is accessible from your mobile device, for example.


There are multiple IoT services and platforms that provide this type of service. Most of what these services and platforms offer is focused on the central point of trusting the virtual cloud; is different.

Why allows the issuance of publicly-trusted TLS credentials and access directly to the target device with end-to-end encryption provided by TLS accessible from any browser in the world. In essence, you work and develop on the device as if it were a normal web server. can deliver HTML pages, Javascript, and other normal web server functionality. And with, the device has its own keys, cert, and a tunnel making it accessible from anywhere. There are also options in for TLS on a local network, but that's a bigger topic.

From a security standpoint, it accomplishes several important things, like:

  • A permanent hostname for the device;
  • A known public key and an authorization ledger (to be able to verify validity of the cert);
  • The ability to issue additional tokens for the creation of additional certs.

Our Goal

In this tutorial, we will focus on deploying a simple light on/off program directly from your Raspberry Pi via TLS to any browser in the world. The next question will obviously be: how do we restrict access to a particular device? has a lot to tell and show on this subject, but, for now, let's use a really basic example.

Installing Raspberry Pi

To install the Raspberry Pi, you first need to download and install NodeJS (6.9.*). To do this, you will need to get SSH access to the Raspberry Pi and get the Pi on the network. We will not cover this here, but you can follow here.

ssh pi@myip 
curl -sL | sudo -E bash - 
sudo apt-get install nodejs
node --version
pi@raspberrypi:~ $ node --version


Then proceed to install beame-insta-ssl

pi@raspberrypi:~ $ 

Initially, it is easiest to receive your first set of credentials directly on the raspberry using an auth token from

You can also generate these tokens yourself and authorize your own certs with beame-sdk

We will cover this in the next tutorial, as well. If you will be using in any serious fashion, you will want the root credentials to be somewhere else other than on the Raspberry, but, for now, this is the quickest and easiest way.

Getting Your First Token

To get your first token, you need to go here and prove that you are not a bot. You will receive your token in the email:

# beame-insta-ssl create 'token from email' 
# beame-insta-ssl tunnel 8008 http
Starting tunnel -> http://localhost:8008

At this point, all we need to do is put together a little project that does something. We will follow this example with an LED. To do this, we need to put together a little node.js service attached.

In this particular example, I have not created a webpage but rather just parsed the URL for the on/off.

Read More:  Toggle an LED with Real HTTPS to Raspberry PI – No Public IP

About The Author

Ibrar Ayyub

I am an experienced technical writer holding a Master's degree in computer science from BZU Multan, Pakistan University. With a background spanning various industries, particularly in home automation and engineering, I have honed my skills in crafting clear and concise content. Proficient in leveraging infographics and diagrams, I strive to simplify complex concepts for readers. My strength lies in thorough research and presenting information in a structured and logical format.

Follow Us:

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top