• Yes, Ghostlab supports sites using the HTTPS protocol, i.e., you can add both http://www.apple.com and https://www.apple.com as sites in Ghostlab. By default, Ghostlab’s own server serves the content over HTTP, though. If the site you’re testing uses a client-side protocol detection and forces a redirection to HTTPS, which will result in an invalid URL for Ghostlab, you most likely need to adjust the JavaScript Rewriting level.
• Yes, Ghostlab v3 also supports serving content over HTTPS. Please note that earlier versions of Ghostlab don’t have this feature.
  To activate the HTTPS server, you’ll need a server certificate and a private key. For testing purposes, you can create a self-signed certificate as described below, then in the Preferences > Security > HTTPS Server section, tick “enable HTTPS server” and enter the paths to your certificate and key files:
  

Creating a self-signed certificate

(Note that when using a self-signed certificate, the browser will tell you that the site you want to view is not trusted.)

Open a terminal / PowerShell window and cd to the directory in which you want to save the certificate and key.
Copy and paste the following command:

openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 9999

and answer the questions in the prompt. The certificate is saved to the file cert.pem, the private key to the file key.pem.