I have read over and tried a dozen different ways to get my Aurelia app (run by npm start) on Windows 10 to be served as HTTPS, but have been unable to do so.
If anyone has a clear path to do this, I would appreciate it.
Your Best Option would be to use a 3rd Party Service like Ngrok, just download and run using the following,
ngrok http 80
This will provide you with a free https proxy from their server to you.
You are most likely using BrowserSync and as sometime in 2015 it supports auto detect http vs https via the proxy config setting {proxy: 'https://localhost:12345'}. So if you specify an https proxy url, browsersync should automatically fire up the proxy'd https url. You'll have to hunt for where you're browser sync settings are located. You can use this for the BrowserSync reference. https://wearejh.com/https-support-added-browsersync/#how-does-it-work-
Related
Recently i learned about https module in nodejs,
Like How to use it and generating certificate and key for it.
But there is also http module which most of the tutor teaches at beginning.
But the main question is,
when i create back-end server with http module.
and hosted on website like heroku after deploying we get by default https protocol for our website and its secure.
and even same for using https module
so what's the difference/advantage we get by using http/https module on one over another protocol?
does it make difference?
and which module to prefer while writing server code?
When you are running in a hosting environment like heroku that puts you behind a proxy and that proxy handles the https to the outside world for you, then that's all you need. There is no need to use https on your server directly between you and the proxy as it already has https to the outside world via the proxy and you don't need https between your server and the proxy as that's local to the secure network of the hosting facility.
If you are not running behind such a proxy, then you will want your own server to be https.
In order to ensure secure communication with users of your Express.js applications, you can make all traffic to use HTTPS, by forcing a redirect from HTTP.
I am having issues with running NodeJS as a backend for a React application (website) when utilizing HTTPS. The NodeJS runs on port 3001 waiting for requests. When React is running on IIS on HTTP and queries NodeJS (http://localhost:3001) everything is fine. However if I deploy SSL on the React application then the communication between React and NodeJS fails. I believe it is the security restriction of HTTPS and HTTP interacting.
The question then is, how do I run node on port 3001 but on HTTPS to deal with HTTPS origin requests?
I have looked at Reverse Proxy (https://dev.to/petereysermans/hosting-a-node-js-application-on-windows-with-iis-as-reverse-proxy-397b), looked at IISnode which doesn't seem to be supported anymore and read up on running NodeJS on HTTPS (which doesn't seem to be a viable solution).
Looking for any guidance and direction.
Much appreciated.
Ok, typical that 10 minutes after you ask, you figure it out.
This is how I resolved the issue and someone more knowledgeable might correct me.
On IIS you have your HTTPS React website
Create a second Website on IIS (that also has SSL installed so can be accessed through Https).
On this second website you install the reverse proxy solution (https://dev.to/petereysermans/hosting-a-node-js-application-on-windows-with-iis-as-reverse-proxy-397b) and route the requests to port 3001 on NodeJS application.
Effectively this means that the React application running on Https can now call NodeJS on Https (e.g. https://mynode.mysite.com) and the reverse proxy forwards the request to the NodeJS application on port 3001 (or the port that you are running NodeJs).
If I am wrong (this worked for me) or have gone the long route, please feel free to correct.
Thank you.
I have a website running on HTTPS which uses Prizmdoc API. The website makes call to the Prizmdoc API using "http://:3000", where 3000 is the port used by Prizmdoc API to accept the calls.
Since my website is running on HTTPS, this call is deemed insecure by browser. And there is no way for me to select HTTPS in Prizmdoc as far as I know.
I need to change the Prizmdoc API address to "https://:3000" instead.
I tried checking firewall settings, but there is no option to allow HTTPS connections for a specific port. I tried reinstalling the Prizmdoc API client to see if it allows using HTTPS, but no luck.
I also thought about using IIS url rewrite, but prizmdoc API is not even hosted on IIS. So, I am unable to figure out how is that API accepting the requests over port 3000, and how can I allow HTTPS calls to that port.
Other option that I can try is to serve HTTP requests instead of HTTPS, but I am not sure if it is possible in C#.
Since both my website and Prizmdoc API are hosted on the same server, it should be possible for the website to make calls to a different port using SSL. But simply put, I am out of ideas to try.
TL;DR
Website and a third party API running on same server. Website makes call to the API using IP address and the port. Browser thinks it is a mixed content request and blocks the same.
You might try this: set up a secure reverse proxy that listens for requests over HTTPS and then turns around and relays the requests to the port 3000. I have used this trick to secure an insecure API call. It should be good enough to pass the browsers' security checks as well.
Here are some IIS examples:
https://weblogs.asp.net/owscott/creating-a-reverse-proxy-with-url-rewrite-for-iis
https://blogs.msdn.microsoft.com/friis/2016/08/25/setup-iis-with-url-rewrite-as-a-reverse-proxy-for-real-world-apps/
i do deploy a website in nginx and translate it from http to https using let's cerbot before. it runs well.
My question is, in my website, i need to access my own Node.js Server using axios. As before, i used http, it goes well expect security.But now, below the Https connect, the browser blocks my http connect.So i tried update my Node Server to support Https connect using Self-signed SSL certificates, but the browser blocks it as well.
Who can tell me how can i fix this problem and make the site work well.Thank you!
You should setup nginx as reverse proxy for nodejs server
I'm running a node application on heroku and I would like to find the full request URL through which my application is being requested. In particular, I want to know if it has been accessed through HTTP or HTTPS, so that I can redirect clients connecting through HTTP to use the same URL but with HTTPS instead.
Since the application is running under proxies, etc., the protocol and host portions of the requests I can read are the ones where node is running, as forwarded by Heroku infrastructure.
Hints appreciated!
BTW, my app uses requestjs, in case that is relevant