Toggle an LED with Real HTTPS to Raspberry PI- No Public IP


The first thing you need to figure out is what you’d like to make: a garage door opener, a gate opener, a temperature recorder, or light controller, etc.

You may want to be able to access the device, not only over your local network but over the Internet so that it is accessible from your mobile device, for example.


There are multiple IoT services and platforms that provide this type of service. Most of what these services and platforms offer is focused on the central point of trusting the virtual cloud; is different.

Why allows the issuance of publicly-trusted TLS credentials and access directly to the target device with end-to-end encryption provided by TLS accessible from any browser in the world. In essence, you work and develop on the device as if it were a normal web server. can deliver HTML pages, Javascript, and other normal web server functionality. And with, the device has its own keys, cert, and a tunnel making it accessible from anywhere. There are also options in for TLS on a local network, but that’s a bigger topic.

From a security standpoint, it accomplishes several important things, like:

  • A permanent hostname for the device;
  • A known public key and an authorization ledger (to be able to verify validity of the cert);
  • The ability to issue additional tokens for the creation of additional certs.

Our Goal

In this tutorial, we will focus on deploying a simple light on/off program directly from your Raspberry Pi via TLS to any browser in the world. The next question will obviously be: how do we restrict access to a particular device? has a lot to tell and show on this subject, but, for now, let’s use a really basic example.

Installing Raspberry Pi

To install the Raspberry Pi, you first need to download and install NodeJS (6.9.*). To do this, you will need to get SSH access to the Raspberry Pi and get the Pi on the network. We will not cover this here, but you can follow here.

ssh [email protected] 
curl -sL | sudo -E bash - 
sudo apt-get install nodejs
node --version
[email protected]:~ $ node --version


Then proceed to install beame-insta-ssl

pi@raspberrypi:~ $ 

Initially, it is easiest to receive your first set of credentials directly on the raspberry using an auth token from

You can also generate these tokens yourself and authorize your own certs with beame-sdk

We will cover this in the next tutorial, as well. If you will be using in any serious fashion, you will want the root credentials to be somewhere else other than on the Raspberry, but, for now, this is the quickest and easiest way.

Getting Your First Token

To get your first token, you need to go here and prove that you are not a bot. You will receive your token in the email:

# beame-insta-ssl create 'token from email' 
# beame-insta-ssl tunnel 8008 http
Starting tunnel -> http://localhost:8008

At this point, all we need to do is put together a little project that does something. We will follow this example with an LED. To do this, we need to put together a little node.js service attached.

In this particular example, I have not created a webpage but rather just parsed the URL for the on/off.

Read More:  Toggle an LED with Real HTTPS to Raspberry PI – No Public IP

About The Author

Scroll to Top
Read previous post:
ESP12e + OLED display – a try to make a smartwatch
ESP12e + OLED display – a try to make a smartwatch

ESP12e oled "smartwatch", honestly it's a wrist display ;) The goal Make use of ESP12e, do something smartwatch-like. Usability Fun...