I have found that snippet that works fine:
var ssl = {
key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem')
};
var httpsServer = https.createServer(ssl).listen(port);
However my site uses that server construction:
var server = http.createServer(httpRequestsHandler).listen(_port_, function() {
process.setgid('www-data');
process.setuid('user1');
});
Question: how/where do I specify the ssl in this case ?
Based on the documentation your code has to look like this:
const https = require('https');
const fs = require('fs');
var ssl = {
key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem')
};
var server = https.createServer(ssl, httpRequestsHandler).listen(_port_, function() {
process.setgid('www-data');
process.setuid('user1');
});
I recommend that you look at this site
Related
I am trying to add an SSL certificate to my Nodejs website.
const fs = require('fs');
const https = require('https');
const options = {
key: fs.readFileSync('./ssl/private.key', 'utf8'),
cert: fs.readFileSync('./ssl/certificate.crt', 'utf8'),
requestCert:true,
rejectUnauthorized: false
};
var server = https.createServer(options, app);
app.listen(process.env.PORT || 443, () => {
console.log('Server is running on 3000!')
})
The app does not throw any error but if I try to connec, I still get the connection is not secure in chrome.
I changed my code to:
https.createServer({
key: fs.readFileSync('./ssl/private.key'),
ca:fs.readFileSync('./ssl/ca_bundle.crt'),
cert: fs.readFileSync('./ssl/certificate.crt')
}, app).listen(443);
and it worked
I have a problem since i activated letsencrypt on my domain and did'nt have problem with http server before.
Here is my app.js code:
var app = require('express')();
var fs = require('fs');
var https = require('https');
var secureServer = https.createServer({
key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.cert'),
ca: fs.readFileSync('server.cacert'),
requestCert: true,
rejectUnauthorized: false
}, app).listen(5221, function() {
console.log("Secure Express server listening on port "+ 5221);
});
var io = require('socket.io')(secureServer);
The Secure Express server listening on port 5221 prints out but nothing more and the codes in:
io.on('connection', function (socket) {
console.log(`Socket ${socket.id} connected.`);
}
Is not working at all.
I've also tested with .pem files, with ca.crt or without that... but nothing changes.
|Greetings|
We are developing an application using nest.js and socket.io, and I'd like to know whether it's possible to create an SSL connection for this environment.
Here's the link to the repo: https://github.com/nokia/skilltree
( the latest attempts have been made in the David branch )
I tried this one, but the socket.io still doesn't use SSL connection:
https://blog.cloudboost.io/everything-about-creating-an-https-server-using-node-js-2fc5c48a8d4e
They suggest this:
var options = {
key: key,
cert: cert,
ca: ca
};
var https = require('https');
https.createServer(options, app).listen(443);
Thank you for any help in advance
Nest takes an option object as second parameter, which also contains https options, like:
const app = await NestFactory.create(AppModule, {
httpsOptions: {
key: 'key',
ca: 'ca',
cert: 'cert',
},
});
await app.listen(3000);
So there should be no need to create the express instance yourself.
Haven't tested, but it should actually work. :)
See also: HttpOptions Interface NestJs
Spent entire day with exactly the same issue, here the best solution I could find:
const httpsOptions = {
key: key,
cert: cert,
ca: ca
};
const expressInstance: express.Express = express();
const app: NestApplication = await NestFactory.create(
MainModule,
expressInstance,
{ httpsOptions }
);
await app.listen(Environment.PORT);
With this approach secure websockets work just fine for me
Example Program:
Server:
var fs = require('fs');
var https = require('https');
var options = {
key: fs.readFileSync('server-key.pem'),
cert: fs.readFileSync('server-crt.pem'),
ca: fs.readFileSync('ca-crt.pem'),
};
https.createServer(options, function (req, res) {
console.log(new Date()+' '+
req.connection.remoteAddress+' '+
req.method+' '+req.url);
res.writeHead(200);
res.end("hello world\n");
}).listen(4433);
Client:
var fs = require('fs');
var https = require('https');
var options = {
hostname: 'localhost',
port: 4433,
path: '/',
method: 'GET',
ca: fs.readFileSync('ca-crt.pem')
};
var req = https.request(options, function(res) {
res.on('data', function(data) {
process.stdout.write(data);
});
});
req.end();
I have generated the Keys and certificate using openssl in my Linux server.
But while running client program its showing as Error: self signed certificate . By referring some websites and even stack overflow discussions some have mentioned that using a option called rejectUnauthorized: false even though there is no use in using this parameter while using certificates for secure transfer of data.
Is there any way to trust the certificates in Linux server?
Any example program with certificates and node JS Program ?
Node JS Client to connect to server?
Without Using rejectUnauthorized: false?
I am trying to get both ws and wss working, on one WebSocket server.
This is what I currently have, only wss
var WebSocket = require('ws');
var https = require('https');
var privateKey = fs.readFileSync('cert/key.key');
var certificate = fs.readFileSync('cert/cert.crt');
var httpsServer = https.createServer({
ca: ca,
key: privateKey,
cert: certificate
}, this.app);
var options = {
server: httpsServer,
perMessageDeflate: false,
maxPayload: 4096
};
var wss = new WebSocket.Server(options);
I know using Socket.io it is really easy, you can just do io.attach(httpServer) and io.attach(httpsServer).
var httpServer = http.createServer(this.app);
var httpsServer = https.createServer({
key: privateKey,
cert: certificate
}, this.app);
httpServer.listen(3002, function(){
console.log('httpServer listening on port 3002');
});
httpsServer.listen(3003, function(){
console.log('httpsServer listening on port 3003');
});
this.io = new ioServer();
this.io.attach(httpServer);
this.io.attach(httpsServer);
Is this even possible, using this WebSocket library?