[英]NodeJs Express: Listeining from HTTPS in Amazon EC2 Ubuntu
We are using a combination of Apache Server and NodeJs (Express) for a website. 我们将Apache Server和NodeJ(Express)组合用于网站。 Without SSL, the Apache used to listen to port 80 and Nodejs to port 8080.
如果没有SSL,Apache会先监听端口80,而Nodejs会监听端口8080。
Now, I am installing SSL on the website. 现在,我正在网站上安装SSL。 The Apache is set to listen to port 443. I tried to make the Nodejs listen to port 8443, 3333 etc. - setting the AWS Security Group as "Custom TCP" for the port.
Apache设置为侦听端口443。我试图使Node.js侦听端口8443、3333等。-将AWS Security Group设置为该端口的“ Custom TCP”。 The problem is I am not getting any response from the Nodejs server.My hunch is that the problem is with the EC2 security group setting but cannot really put a finger on the exact issue.
问题是我没有从Node.js服务器获得任何响应。我的直觉是,问题出在EC2安全组设置上,但实际上并不能真正解决这个问题。
The server is created for Nodejs as following : 该服务器是为Node.js创建的,如下所示:
var https = require('https');
var fs = require('fs');
...
...
var https_options = {
ca: fs.readFileSync ("/path/to/cabundle.ca-bundle", "utf8"),
key: fs.readFileSync("/path/to/sslkey.key", "utf8"),
cert: fs.readFileSync("/path/to/certificate.crt", "utf8")
};
var app = express();
var server = https.createServer(https_options, app);
....
....
server.listen(8443 or 3333);
Starting the Server does not cause any error. 启动服务器不会引起任何错误。 Browser,from where I am calling the Nodejs server, does not show any error.
我在其中调用Nodejs服务器的浏览器未显示任何错误。
Any insight is appreciated. 任何见解均表示赞赏。
After Arif pointed out that this can be solved by Apache settings, I am adding the Virtualhost seetings at 在Arif指出可以通过Apache设置解决此问题之后,我在
/etc/apache2/sites-enabled/000-default.conf
/etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.example.com
Redirect permanent / https://www.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/mysite
Servername www.example.com
SSLEngine on
SSLCertificateKeyFile /path/to/sslkey.key
SSLCertificateFile /path/to/certificate.crt
SSLCertificateChainFile /path/to/cabundle.ca-bundle
<Directory /var/www/html/mysite>
AllowOverride All
Options FollowSymlinks
</Directory>
</Virtualhost>
The client side requests are sent to https://www.example.com:8443 客户端请求发送到https://www.example.com:8443
First of all you need to enable ssl and reverse proxy apache module by following command 首先,您需要通过以下命令启用ssl和反向代理apache模块
sudo a2enmod ssl
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod lbmethod_byrequests
and then update apache ssl config( /etc/apache2/sites-available/default-ssl.conf
) file bellow 然后更新以下的apache ssl config(
/etc/apache2/sites-available/default-ssl.conf
)文件
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin admin@example.com
ServerName your_domain.com
ServerAlias www.your_domain.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /path/to/certificate.crt
SSLCertificateKeyFile /path/to/sslkey.key
ProxyRequests Off
ProxyPreserveHost On
ProxyVia Full
<Proxy *>
Require all granted
</Proxy>
<Location />
ProxyPass http://localhost:8443
ProxyPassReverse http://localhost:8443
</Location>
</VirtualHost>
</IfModule>
now add ssl file and restart apache 现在添加ssl文件并重新启动apache
sudo a2ensite default-ssl.conf
sudo service apache2 restart
Now it should work fine https://your_domain.com 现在,它应该可以正常使用https://your_domain.com
Note: You must open http and https port from AWS console in security group 注意:您必须从安全组中的AWS控制台打开http和https端口
Sorry for delayed reply. 抱歉,回复延迟。 The problem was the CSP settings which were not allowing HTTPS and WSS traffic.
问题是CSP设置不允许HTTPS和WSS通信。
Also, we needed to add 另外,我们需要添加
({secure: true})
while creating the client side Socket using socket.io. 使用socket.io创建客户端Socket时。 Now it is working fine.
现在工作正常。 Thank you all for the inputs.
谢谢大家的投入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.