I am trying to add an SSL certificate to my Nodejs website.
const fs = require('fs');
const https = require('https');
// TLS options for the HTTPS server: the PEM private key and certificate are
// read synchronously, once, when the script starts.
const options = {
key: fs.readFileSync('./ssl/private.key', 'utf8'),
cert: fs.readFileSync('./ssl/certificate.crt', 'utf8'),
// NOTE(review): requestCert asks every connecting client for a certificate,
// while rejectUnauthorized: false lets the connection proceed even when no
// valid one is presented. For an ordinary public website neither option is
// needed; for client-certificate authentication this pair does not enforce
// anything by itself.
requestCert:true,
rejectUnauthorized: false
};
// An HTTPS server is created here, but listen() is never called on `server`.
var server = https.createServer(options, app);
// NOTE(review): the listener is started on `app`, not on `server`. If `app` is
// an Express application (its definition is not shown), app.listen() creates
// its own plain-HTTP server, so the TLS options above would never be used.
// That would be consistent with the browser reporting the connection as not
// secure.
app.listen(process.env.PORT || 443, () => {
// NOTE(review): the message hard-codes 3000, but the port is PORT or 443.
console.log('Server is running on 3000!')
})
The app does not throw any error, but if I try to connect, I still get "the connection is not secure" in Chrome.
I changed my code to:
// TLS material for the site, read once at startup. Unlike a listener started
// on `app`, listen() below is called on the HTTPS server itself, so the
// key/cert pair is what actually terminates connections on port 443.
// The private key file should be readable only by the account running Node.
const tlsOptions = {
  key: fs.readFileSync('./ssl/private.key'),
  // CA bundle from the issuer. NOTE(review): Node's documentation describes
  // appending intermediate certificates to `cert`; passing them through `ca`
  // is what the author reports working here.
  ca: fs.readFileSync('./ssl/ca_bundle.crt'),
  cert: fs.readFileSync('./ssl/certificate.crt'),
};

const secureServer = https.createServer(tlsOptions, app);
secureServer.listen(443);
and it worked
Related
I tried following a number of guides to get https on localhost, but it is not working. Here is my code:
const https = require('https');
const fs = require('fs');
// TLS options for a minimal HTTPS server on localhost.
const options = {
key: fs.readFileSync('key.pem'),
// NOTE(review): https.createServer() reads the server certificate from the
// `cert` option. `certificate` is not an option it recognises, so this server
// appears to start without any certificate, which would be consistent with
// the handshake failing in the browser.
certificate: fs.readFileSync('cert.pem'),
};
// Answers every request with 200 and a fixed plain-text body.
https.createServer(options, (req, res) => {
res.writeHead(200);
res.end("hello world\n");
}).listen(7000, () => {
console.log('listening');
});
I am getting ERR_SSL_VERSION_OR_CIPHER_MISMATCH in chrome.
However, it works if I use npm's http-server. So I believe it is something wrong with https in node, not the key or cert or CA.
I have had a problem since I activated Let's Encrypt on my domain; I didn't have this problem with the HTTP server before.
Here is my app.js code:
const app = require('express')();
const fs = require('fs');
const https = require('https');

const SECURE_PORT = 5221;

// TLS settings for the Express server: key, certificate and CA file are read
// synchronously at startup.
const tlsOptions = {
  key: fs.readFileSync('server.key'),
  cert: fs.readFileSync('server.cert'),
  ca: fs.readFileSync('server.cacert'),
  // NOTE(review): requestCert asks each client for a certificate, but with
  // rejectUnauthorized: false a client without a valid one is still accepted.
  // If client certificates are meant to gate access, the application has to
  // check socket.authorized itself; if they are not, both options can go.
  requestCert: true,
  rejectUnauthorized: false,
};

// Start the HTTPS listener and log once it is bound.
const secureServer = https.createServer(tlsOptions, app).listen(SECURE_PORT, () => {
  console.log("Secure Express server listening on port "+ SECURE_PORT);
});

// Socket.IO is attached to the TLS server, so clients reach it over https/wss
// on the same port.
const io = require('socket.io')(secureServer);
The "Secure Express server listening on port 5221" message prints out, but nothing more happens, and the code in:
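// Log each Socket.IO client as it connects.
// NOTE(review): this handler only runs after a client has completed both the
// TLS handshake and the Socket.IO handshake against the HTTPS server; a client
// still pointed at an http:// or ws:// URL would never reach it. Confirm the
// client-side URL and port.
io.on('connection', function (socket) {
  console.log(`Socket ${socket.id} connected.`);
});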
is not working at all.
I've also tested with .pem files, with ca.crt or without that... but nothing changes.
I'm running NodeJS with TLS and have created a server like so:
const tls = require('tls');
const fs = require('fs');
// Mutual-TLS echo server.
// requestCert makes the server ask the client for a certificate, and
// rejectUnauthorized: true refuses any connection whose certificate does not
// validate against the entries in `ca`. A client that presents no certificate
// is therefore dropped during the handshake.
// NOTE(review): `ca` is a list of trust anchors, not a pin. If
// clientX-cert.pem is a CA certificate, every certificate it issued is
// accepted; to admit one specific certificate only, also compare
// socket.getPeerCertificate().fingerprint256 with the expected value.
const options = {
  key: fs.readFileSync('server-key.pem'),
  cert: fs.readFileSync('server-cert.pem'),
  rejectUnauthorized: true,
  requestCert: true,
  ca: [ fs.readFileSync('clientX-cert.pem') ]
};

const server = tls.createServer(options, (socket) => {
  // socket.authorized reports whether the peer certificate validated.
  const status = socket.authorized ? 'authorized' : 'unauthorized';
  console.log('server connected', status);

  // Echo every received chunk back to the sender.
  // NOTE(review): no 'error' listener is attached to the socket.
  socket.on('data', (chunk) => {
    socket.write(chunk);
  });
});

server.listen(5000);
I'm trying to only approve client with a specific client certificate clientX-cert.pem, but it seems to fail as my client is getting an Error: socket hang up at his end.
When not having requestCert it does work, but then everyone is allowed with a TLS certificate.
Have I misunderstood the rejectUnauthorized: true, requestCert: true and ca: options?
I am trying to get both ws and wss working, on one WebSocket server.
This is what I currently have, only wss
const WebSocket = require('ws');
const https = require('https');

// NOTE(review): `fs` and `ca` are used below but not defined in this excerpt;
// presumably they come from the surrounding file.
const privateKey = fs.readFileSync('cert/key.key');
const certificate = fs.readFileSync('cert/cert.crt');

// HTTPS server that carries the secure WebSocket (wss) upgrade requests.
const httpsServer = https.createServer(
  { ca, key: privateKey, cert: certificate },
  this.app
);

// WebSocket server bound to the HTTPS server only, so it accepts wss but not
// ws. maxPayload caps the size of an incoming message at 4096 bytes, and
// per-message compression is switched off.
const wss = new WebSocket.Server({
  server: httpsServer,
  perMessageDeflate: false,
  maxPayload: 4096,
});
I know using Socket.io it is really easy, you can just do io.attach(httpServer) and io.attach(httpsServer).
// One plain-HTTP listener and one TLS listener sharing the same app.
// NOTE(review): anything exchanged over port 3002 is unencrypted; keeping that
// listener means clients can still connect without TLS.
const httpServer = http.createServer(this.app);
const httpsServer = https.createServer({ key: privateKey, cert: certificate }, this.app);

httpServer.listen(3002, () => {
  console.log('httpServer listening on port 3002');
});

httpsServer.listen(3003, () => {
  console.log('httpsServer listening on port 3003');
});

// A single Socket.IO instance attached to both servers.
this.io = new ioServer();
for (const listener of [httpServer, httpsServer]) {
  this.io.attach(listener);
}
Is this even possible, using this WebSocket library?
I have found this snippet, which works fine:
// Key and certificate issued by Let's Encrypt, read once at startup.
// NOTE(review): certbot's cert.pem holds only the leaf certificate; the same
// directory normally also contains fullchain.pem (leaf plus intermediates).
// Clients that do not already have the intermediate may fail chain validation
// with cert.pem alone. Consider whether fullchain.pem is the file to serve.
const ssl = {
  key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem'),
};

// listen() returns the server it was called on, so this is the same object
// the chained form would have assigned.
const httpsServer = https.createServer(ssl);
httpsServer.listen(port);
However, my site uses this server construction:
// Bind the port first, then drop privileges inside the listen callback.
const server = http.createServer(httpRequestsHandler);
server.listen(_port_, () => {
  // setgid() comes first: once the uid has been dropped, the process would no
  // longer be permitted to change its group.
  // NOTE(review): supplementary groups are not changed here. If the process
  // starts as root, process.setgroups() or process.initgroups() may be needed
  // to shed them. Confirm.
  process.setgid('www-data');
  process.setuid('user1');
});
Question: how/where do I specify the ssl in this case ?
Based on the documentation your code has to look like this:
const https = require('https');
const fs = require('fs');
// The private key and certificate are read synchronously here, before the
// listen callback runs and therefore before privileges are dropped. That lets
// the key file stay readable only by the account that starts the process.
// NOTE(review): certbot's cert.pem holds only the leaf certificate;
// fullchain.pem in the same directory also carries the intermediates.
const ssl = {
  key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem'),
};

// Same construction as the HTTP version: only the module and the extra
// options argument change.
const server = https.createServer(ssl, httpRequestsHandler);
server.listen(_port_, () => {
  // Group before user: after setuid() the process could no longer change gid.
  process.setgid('www-data');
  process.setuid('user1');
});
I recommend that you look at this site