Im trying to run nodejs app to work with my php project. the problem is I think with SSL which is enabled in the server.
I have two files that I found in my root directory after SSL install: domain.com.csr and domain.com.key and I tried to combine them to connection while creating https server, but nothing worked for me.
so far I have this code:
var socket = require('socket.io');
var express = require('express');
var http = require('http');
var app = express();
var server = http.createServer(app);
var io = socket.listen(server);
app.get('/test', function(req, res) {
res.send('hello world');
console.log('visited test')
});
io.sockets.on('connection', function (client) {
console.log("New client !");
client.on('message', function (data) {
console.log('Message received ' + data.name + ":" + data.message);
io.sockets.emit('message', {name: data.name, message: data.message});
});
});
server.listen(8080, function () {
console.log('listen me on: 8080');
});
and it works well when I'm trying to visit http://ip:8080/test so it means that node server is working, but when I try to create socket connection on my view file var socket = io.connect('http://ip:8080'); it gives me error:
The page at 'https://www.domain.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://ip:8080/socket.io/?EIO=3&transport=polling&t=1446818946199-0'. This request has been blocked; the content must be served over HTTPS.
so the problem is clear enough, but how to deal with it?
also I have tried this connection:
var socket = io.connect('https://www.domain.com:8080');
but the result is 404 GET Error. How to deal with it?
Update
now the part of code I should use, but don't know how to get cert of existing SSL in the server.
var socket = require('socket.io');
var express = require('express');
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('path/to/key.pem'), // dont have
cert: fs.readFileSync('path/to/cert.cert') // dont have
};
var app = express();
var server = https.createServer(options, app);
var io = socket.listen(server);
app.get('/test', function(req, res) {
res.send('hello world');
console.log('visited test')
});
io.sockets.on('connection', function (client) {
console.log("New client !");
client.on('message', function (data) {
console.log('Message received ' + data.name + ":" + data.message);
io.sockets.emit('message', {name: data.name, message: data.message});
});
});
server.listen(443, function () {
console.log('listen me on: 443');
});
I think you need to contact your certificate authority (the organization that issued your first ssl certificate) and get a copy of the certificate (the path/to/key.pem and path/to/cert.cert) or find the existing keys somewhere on your existing server.
If you're running apache, your configuration file will have a section with values for the paths of the .cert and .pem files labeled SSLCertificateFile and SSLCertificateKeyFile, then just update the paths in your node app to point to them. You also have to make sure that your SSL certificate meets the requirements (for example, needs to be Multi-domain if your node app runs on a different domain, or a Wildcard SSL certificate to run your node app on a subdomain).
The domain.com.csr and domain.com.key files you found are the private key and certificate request used to generate your initial SSL certificate and aren't going to do anything to enable SSL on your node app.
Related
I recently decided to learn socket.io, to make something real-time. I wrote something up, following the Get Started page on the site, and tested it locally until I got it working properly.
I uploaded it to my server using the same process as anything else. I ran it on port 8002, and added it to my reverse proxy (using http-proxy-middleware) under /pong/*. I then proxied /socket.io/* to port 8002 before it worked. However after inspection with Firefox I noticed that socket.io was only using polling as a transport method and not websockets, and after some further thought I decided that sending /socket.io/* to 8002 is not going to be good when using socket.io on other projects in the future.
So I ask, how do I get multiple socket.io programs running behind a reverse proxy, using websockets as a for transport?
proxy.js
const express = require("express")
const fs = require('fs');
const http = require('http');
const https = require('https');
const proxy = require('http-proxy-middleware');
const privateKey = fs.readFileSync('/etc/[path-to- letsencrypt]/privkey.pem', 'utf8');
const certificate = fs.readFileSync('/etc/[path-to-letsencrypt]/cert.pem', 'utf8');
const ca = fs.readFileSync('/[path-to-letsencrypt]/chain.pem', 'utf8');
var credentials = {key: privateKey, cert: certificate, ca: ca};
var app = express();
app.use(function (req, res, next) {
console.log(req.url)
next()
})
app.use("/pong/*", proxy({ target: "http://localhost:8002", pathRewrite: {"^/pong": ""}, ws:true, changeOrigin: true }))
app.use("/pnw/war/*", proxy({ target: "http://localhost:8000" }))
app.use("/pnw/nation/*", proxy({ target: "http://localhost:8001" }))
app.use(express.static("./static"))
https.createServer(credentials, app).listen(443);
// Redirect all HTTP traffic to HTTPS
http.createServer(function (req, res) {
res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url });
res.end();
}).listen(80);
pong.js
var app = require('express')();
var http = require('http').Server(app);
var io = require('socket.io')(http, {
path: "/pong/"
});
app.get('/', function(req, res){
res.sendFile(__dirname + '/index.html');
});
http.listen(8002, function(){
console.log('listening on *:8002');
});
index.html
<script src="/pong/socket.io.js"></script>
<script>
var socket = io({
// transports: ['websocket'], upgrade: false, (using for testing)
path:"/pong"
})
// ...
</script>
What I have currently comes from following the answer to this question:
Setting up multiple socket.io/node.js apps on an Apache server?
However in the firefox console I get a warning which reads:
Loading failed for the <script> with source “https://curlip.xyz/pong/socket.io.js”, followed by an error io is not defined. In the network tab getting socket.io.js is showing a 404.
So what I believe is happening is that because express is capturing the requests for /, socket.io cannot (for some reason) server socket.io.js. However when I changed / to /index.html and loaded that there was no change.
So I did some more research and came upon a solution. I opened the port 8002 on my EC2 so that I could poke around looking for socket.io.js.
Essentially what I found is socket.io.js was located at /pong/pong/socket.io.js because I set path in pong.js to "pong", which, in hindsight make sense, the proxy adds one "pong", while socket.io itself is capturing "/pong".
Knowing this I removed the path option in pong.js, so that socket.io.js can be found at /pong/socket.io/socket.io.js. I then made the client point to this by changing the script tag and path option in index.html.
pong.js
var app = require('express')();
var http = require('http').Server(app);
var io = require('socket.io')(http);
app.get('/', function(req, res){
res.sendFile(__dirname + '/index.html');
});
http.listen(8002, function(){
console.log('listening on *:8002');
});
index.html
<script src="/pong/socket.io/socket.io.js"></script>
var socket = io({
path:"/pong/socket.io/"
})
I am creating a chaincode project , in which nodejs is consuming the chaincoe smartcontract.
My project structure includes index.js - swagger specs , app.js - to consumer swagger specs and bin/www - where http specification is defined .
I have defined http with basic auth and it works fine. For making all the services https secure , I have downloaded open ssl in my linux machine and have generated the certificate and the private key. (https://www.linuxhelp.com/how-to-install-and-update-openssl-on-ubuntu-16-04/)
I have made changes in the bin/www.js for the https part :
#!/usr/bin/env node
var app = require('../app');
var fs = require('fs');
var http = require('http');
var https = require('https');
require("dotenv").config();
var privateKey = fs.readFileSync('key.pem').toString();
var certificate = fs.readFileSync('cert.pem').toString();
var port = normalizePort(process.env.PORT || '8080');
app.set('port', port);
var hostname = process.env.HOSTNAME;
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
https.createServer(function (req, res) {
res.writeHead(200, {'Content-Type': 'text/plain'});
res.write('Hello World!');
res.end();
}).listen(8080);
but this is not working . I have also imported the certificate and key in the mozilla. Request all to kindly help on this.
Thanks in advance.
You need to add the key and cert to the createServer function.
const options = {
key: fs.readFileSync('key.pem').toString();
cert: fs.readFileSync('cert.pem').toString();
}
https
.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
})
.listen(443, function(){
console.log("Server listening on localhost:443");
});
Now, as #aditi said in the comments, the callback in createServer is a request handler. That means it will trigger when there is a request event. A request event is triggered by mostly HTTP requesting the server. So, if you open localhost:443 it will show you the "hello world" text.
If you want to console log something when the server is started (listing) you need to add the callback in the listen function. Which you have done.
it worked ,
I used
https.createServer(httpsOptions,app)
.listen(port,function(){
console.log("Inside HTTPS creation");
})
Thanks all.
I am using ASP.NET CORE 2.0 to build an e-commerce. The e-commerce has a chat built using nodejs and the package socket.io. The socket.io server is remote on the server. When I use the Socket.io client locally, running Visual Studio Debugger, to access the remote socket.io, all works fine.
The code is like this, note that I am not using https
var app2 = require('express')();
var http = require('http').Server(app);
var http2 = require('http').Server(app2);
var io = require('socket.io')(http);
http.listen(3009, function () {
console.log('listening on port 3009');
});
http2.listen(3011, function () {
console.log('listening on port 3011');
});
But when I publish my web site and get the html page along with the socket.io client served by Nginx/kestrel I got an error message saying that I was mixing something, I didn't pay attention to the error message because I remembered that I was using http on my server socket.io and clients. So I changed the socket.io server and clients but now I cannot connect.
My changes are like this:
var app2 = require('express')();
var http = require('https').Server(app);
var http2 = require('https').Server(app2);
var io = require('socket.io')(http);
http.listen(3009, function () {
console.log('listening on port 3009');
});
http2.listen(3011, function () {
console.log('listening on port 3011');
});
clients
myIo = io('https://www.example.com.br:3009', { secure: true, reconnect: true, rejectUnauthorized: false });
I used Let's encrypt to enable https connections, I am using Nginx as proxy for Kestrel, I am using ufw on Ubuntu 17.
I got this error yesterday. I couln't even sleep at night. But I got it working. I sent the certificates like this.
var app = require('express')();
var app2 = require('express')();
var fs = require('fs');
var options = {
key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem')
};
var http = require('https').Server(options, app);
var io = require('socket.io')(http);
app.get('/', function (req, res) {
res.send('server is running');
});
app2.get('/', function (req, res) {
res.send('admin area');
});
I don't want anyone passing the frustration felt. Hope I can help somebody.
You need to add the transports type for your client and server
server
var io = require('socket.io')(http);
io.set('transports', ['websocket']);
client
myIo = io('https://www.example.com.br:3009', { transports:
['websocket'], upgrade: false }, { 'force new connection': true });
I am using nginx with my ssl certificates and it's giving me the https version of my site which is great. The problem is my socket.io communications don't work unless i use a regular http connection. I apologize if this is a bit long, but i'm not sure what i'm doing here and wanted to make sure you guys had everything you might need to know. I have tried the solutions of various different sites some of which were on here, but none of them worked.
I tried manually creating the https server instead of letting express do it but that resulted in nothing loading at all, with the current implementation i can at least see the site.
upstream project {
server example.org:4000;
}
server {
listen 80;
return https://$host$request_uri;
}
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /home/adam/SSL/public.crt;
ssl_certificate_key /home/adam/SSL/example.org.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://example.org;
}
}
That seems to be working as when i go to my site, it automatically takes me to the https version and the page is loaded. The issue is when is when the client side tries to connect i keep getting:
"https://MY_SERVER_IP:4040/socket.io/?EIO=3&transport=polling&t=M0CPjUDnet::ERR_CONNECTION_CLOSED"
printed to the console
Here's my client and server code:
var IPaddress = 'https://MY_SERVER_IP:4040';
var socket = io.connect(IPaddress,{secure:true});
socket.on('connect', function (socket) {
console.log('Connected!');
});
server code:
var express = require('express');
var app = express();
var privateKey = fs.readFileSync(__dirname+'/SSL/example.com.key','utf8');
var certificate = fs.readFileSync(__dirname+'/SSL/public.crt','utf8');
var intermediate = fs.readFileSync(__dirname+'/SSL/intermediate.crt','utf8');
var options = {key:privateKey,cert:certificate,ca:intermediate};
var io = require('socket.io').listen(4040,options);
//var io = require('socket.io').listen(4040);
io.sockets.on('connection', function (socket) {
socket.on('disconnect',function(){
console.log("A client has left us :(");
});
});
app.listen(4000);
Update - 02/12/2017
In my code i have this line:
require('./routes.js')(app);
which contains:
module.exports = function(app) {
app.get('/main',function(req,res){
if (req.session.user == null){
// if user is not logged-in redirect back to login page //
res.redirect('/');
} else{
res.sendFile(path.join(__dirname + '/FrontEnd/main.html'));
}
});
// viewed at http://localhost:8080
app.get('/', function(req, res) {
if(req.cookies.user == undefined || req.cookies.pass == undefined){
res.sendFile(path.join(__dirname + '/FrontEnd/login.html'));
}else {
//attempt automatic login
AM.autoLogin(req.cookies.user,req.cookies.pass,function(o){
if(o !=null){
req.session.user = o;
res.sendFile(path.join(__dirname + '/FrontEnd/home.html'));
}else{
res.sendFile(path.join(__dirname + '/FrontEnd/login.html'));
}
});
}
});
......
Could this be causing the 502 bad gateway error?
Expanding on my comment, in your current server code, both express and socket.io are only accepting regular HTTP connections. The socket.io listen(port[, options]) function does not accept HTTPS connections.
You started on the right approach with manually creating an HTTPS server. You then need to attach express and socket.io to that server.
var fs = require('fs');
var express = require('express');
var app = express();
var privateKey = fs.readFileSync(__dirname + '/SSL/example.com.key', 'utf8');
var certificate = fs.readFileSync(__dirname + '/SSL/public.crt', 'utf8');
var intermediate = fs.readFileSync(__dirname+'/SSL/intermediate.crt', 'utf8');
var options = { key: privateKey, cert: certificate, ca: intermediate };
// Create our HTTPS server here and attach express to it
var server = require('https').createServer(options, app);
// Attach socket.io to our existing HTTPS server
var io = require('socket.io')(server);
io.sockets.on('connection', function (socket) {
socket.on('disconnect', function() {
console.log("A client has left us :(");
});
});
server.listen(4000);
With the following code snippet:
var express = require('express'),
app = express(),
server = require('https').createServer(app),
io = require('socket.io')(server);
app.get('/', function(req, res, next) {
res.sendFile(__dirname + '/assets/html/index.html');
});
/** More routing functions **/
io.on('connection', function(socket) {
components.socket.onConnect(socket, config);
});
io.on('save', function(data){
var saved = save(data);
io.emit('response', saved);
});
/** More Socket.io functions **/
server.listen(443, function() {
console.log("Server Ready.");
});
Assuming this server side setup (with ssl cert) and the clients connect securely, are the data value on save and the saved value emitted back with socket.io also encrypted with the ssl cert like the web data would be too?
The answer is yes as long as you use https for the initial connection. In your example, since you're only ever using https, this will never be a problem for you.