My web application uses Tomcat7 for hosting web pages and NodeJS for WebRTC. Each of them has a different IP. We've already set up the ssl certificate of Tomcat. My question is can I use the signed certificate of Tomcat in the NodeJS server?
Yes! you can use the installed certificate on your tomcat and NodeJS server.
But, you need to be clear with your common name as there are many different types of certificate available like wildcard ssl, which supports all the sub-domains for a single domain name, multi-domain certificate, which support multiple domain names on a single certificate.
Certificate feasibility depends on your types of certificate, which you can export from apache keystore and import on NodeJS server.
http://nodejs.org/api/tls.html - The following articles will help you for the installation of export certificate from apache to NodeJS server.
Related
I have a webapp server based on nodejs installed on Windows Server 2016. I want to install an SSL Certificate on such server. I've generated a free SSL from Cloudflare but it downloaded a DER file. The person responsible for configuring the Webserver said he needs a .pfx and a passphrase in order to install the SSL Certificate. Is there a way to convert .der to .pfx with a passphrase, or is there any other way to do that for free or buy one at a very low cost,
Thanks in advance!
If you need a custom SSL certificate for you server, consider obtaining it directly from Let's Encrypt https://letsencrypt.org/.
Alternatively, you can use Cloudflare as a reverse proxy on top of your Node.js server that will add SSL automatically without a need to configure anything (other than creating a DNS record and checking "Cloudflare Proxy" (orange) checkbox. Then in your server settings, you would just configure firewall rules to allow connections only from Cloudflare IPs that can be found here — https://www.cloudflare.com/ips/.
I have a windows server 2012 with a SSL Certificate running in IIS.
I have a Node JS app deployed on that server too, i'm using pm2 to manage this project, but, I need to use this project with https too.
How I can do this?
Previously I tried to re-key the certificate with Open SSL following the steps of this link:
Setting up real SSL with Node JS
Everything is ok, but when I re-key the certificate with the .csr generated by openSSL, my certificate on IIS stop working.
How can I achieve this?
I'm using GoDaddy for the SSL certificate.
Thanks in advance.
So you're essentially trying to use the same certificate on two different web servers? Presumably they serve to different domains? (e.g. a.mydomain.com, b.mydomain,.com).
If their base domain is the same you can look into getting a certificate issued that has a wildcarded domain (*.mydomain.com). If your registrar doesn't support this, or if your domains are totally different and not related, then you need two different certificates.
I have developed a RESTful web service using Node.js. I want to host this service on my home PC which is having static IP(which can be access from internet). But I want to host this service using SSL. Note that my home PC is not associated with any internet domain. So I want to know how to host my Webservice using ssl on my home PC. Also I want to know where to buy ssl certificate and what type of certificate? Because most of the certificate authorities who sells certificate talking about ssl for website only.
I'm quite new to this. I have a node-express https server that currently runs locally on my machine. My simple website runs on this https sever and make xmlhttp requests to consume some APIs (as these APIs only accept requests from https endpoint). At the moment I'm using a self signed SSL certificate.
I'd like to deploy the server with html, js files to EC2 and make it accessible to the public. My questions are
Can I use AWS Certificate Manager to generate a SSL certificate, and how to use it with node-express server? Can node-express use this SSL certificate on EC2? or do I need to use this SSL certificate with Elastic Beanstalk and ELB?
I did some research but the ACM documentation said an email will be sent to the registered domain owner for each domain name in the certificate request. I don't have a domain as I plan to have users access my site using IP address. What do I do in this case?
Many thanks for your help!
You can't use an ACM certificate directly with NodeJS. You have to place a load balancer in front of your server and install the ACM certificate on the load balancer.
The ACM service does not support SSL certificates for IP addresses, only domain names. I recommend obtaining a domain name.
I've found some tutorials about transferring SSL from Windows to Linux server such as this one here: https://major.io/2007/03/23/exporting-ssl-certificates-from-windows-to-linux/. But is it possible to do something like this in shared hosting because in shared hosting Apache configuration may not be allowed?
Well it is possible to transfer an SSL certificate from a Windows (IIS) environment to a Linux (Apache) environment. Within a shared hosting environment, (at least the majority of them) it will not be possible to install the SSL certificate to the hosting account without the help of your hosting provider. The SSL installation requires an IP be allocated to your domain within the server's configuration, unless deployed with SNI, and a VirtualHost entry routing requested to port 443 (TLS/SSL) for your domain on that IP will have to be created. Needless to say these configurations affect the server as a whole and are chargeable services so most providers will not provide you direct access to do this. If your provider uses Plesk or cPanel or Vdeck then this is the case.
That being said it is well worth the money to have your hosting provider complete this configuration for you and the related services are generally pretty cheap. Most providers will average around $20.00 per year for all the services required to have your SSL function on their servers.
I would request information from your provider regarding the installation to see if it is the right solution for you.
As a note Windows (IIS) SSL certificates are commonly PKCS#12/PFX Formated. The PKCS#12 or PFX format is a binary format for storing the server certificate, any intermediate certificates, and the private key in one encryptable file. PFX files usually have extensions such as .pfx and .p12. PFX files are typically used on Windows machines to import and export certificates and private keys. Linux (Apache) will use PEM formatted certificates.The PEM format is the most common format that Certificate Authorities issue certificates in. PEM certificates usually have extentions such as .pem, .crt, .cer, and .key. They are Base64 encoded ASCII files and contain "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" statements. Server certificates, intermediate certificates, and private keys can all be put into the PEM format.
Apache and other similar servers use PEM format certificates. Several PEM certificates, and even the private key, can be included in one file, one below the other, but most platforms, such as Apache, expect the certificates and private key to be in separate files.
I would not bother with the conversion prior to contacting your hosting provider as they can obtain the PKCS#12/PFX certificate from you and then covert it when installing it on the server. You should only have to provide the PKCS#12/PFX formatted certificate.
Well instead of transferring the certificates its easy to reissue the SSL after you have migrated to another hosting platform.
In Shared hosting, you won't have access to the webserver (IIS and Apache) to export and import SSL Certificates. For that, you will have to contact your hosting service provider to transfer the SSL Certificate.
Recently, I've moved SSL Certificate from my Windows VPS to Linux VPS with the help of the following article.
https://www.sslsupportdesk.com/move-certificate-iis-apache/
I am sure that the above link will be helpful if you want to move the SSL Certificate from Windows VPS to Linux VPS.