Home  >  Article  >  Web Front-end  >  How to configure a self-signed https server using node.js

How to configure a self-signed https server using node.js

一个新手
一个新手Original
2017-09-07 15:19:421539browse

Using express to build a framework in nodejs can be said to be very simple and convenient, but generally the http server is created by default, which means it can only be accessed through the http protocol. Nowadays, https has become a development trend, and we should follow the trend of the times. In this article, we will create a certificate using a self-signed method, then use the express framework to build an https server, and finally let the browser or client use the https protocol for access.

First we need to generate the certificate file:

(1) Generate the private key key file (the path below indicates the path location of the file you want to save)

openssl genrsa 1024 > /pathway/private.pem

(2) Generate a CSR certificate signature through the private key file generated above

openssl req -new -key /pathway/private.pem -out csr.pem

(3) Generate a certificate file through the above private key file and CSR certificate signature

openssl x509 -req -days 365 -in csr.pem -signkey /pathway/private.pem -out /pathway/file.crt

The three files generated at this time are as follows:

At this time, copy these three files to your nodejs project directory. For example, I create a new certificate folder directly in the project root directory, and then put the three files:

Complete the above steps After that, modify the startup file of the project. My startup file here is app.js, or someone else is server.js. The following code implementation is the same:

var express = require('express'); // 项目服务端使用express框架
var app = express();
var path = require('path');
var fs = require('fs');

//使用nodejs自带的http、https模块
var http = require('http');
var https = require('https');

//根据项目的路径导入生成的证书文件
var privateKey  = fs.readFileSync(path.join(__dirname, './certificate/private.pem'), 'utf8');
var certificate = fs.readFileSync(path.join(__dirname, './certificate/file.crt'), 'utf8');
var credentials = {key: privateKey, cert: certificate};

var httpServer = http.createServer(app);
var httpsServer = https.createServer(credentials, app);

//可以分别设置http、https的访问端口号
var PORT = 8000;
var SSLPORT = 8001;

//创建http服务器
httpServer.listen(PORT, function() {
    console.log('HTTP Server is running on: http://localhost:%s', PORT);
});

//创建https服务器
httpsServer.listen(SSLPORT, function() {
    console.log('HTTPS Server is running on: https://localhost:%s', SSLPORT);
});

//可以根据请求判断是http还是https
app.get('/', function (req, res) {
    if(req.protocol === 'https') {
        res.status(200).send('This is https visit!');
    }
    else {
        res.status(200).send('This is http visit!');
    }
});

After the code implementation is completed, start the app.js script, you can Use the "node app.js" command to start, or run it in other IDEs, and then access it in the browser (note that express is not a built-in system module and needs to be installed through npm):

You can see that we have succeeded We use https to access our server, but the Chrome browser displays a red Not Secure. This is because this certificate was built by us and has not been verified by a third-party agency, so a warning message will appear. We will introduce how to apply for a certified certificate in a subsequent blog.

Open the developer mode in the Chrome browser, and you can see the certificate information of the current page in the Security page, as shown below:

Click "View certificate" to see the certificate Details:

Expand the details and you can see the various certificate information we entered when creating the certificate.

At the same time, we can also use Postman to simulate client requests (in actual development, server students can send certificates to client students, and https communication can be achieved after simple configuration):

The above is the detailed content of How to configure a self-signed https server using node.js. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn