让我们加密SSL(sailsjs框架)
[英]Let's Encrypt SSL ( sailsjs framework )
问题描述
Sailsjs框架是否有任何节点模块可以让我们使用ssl加密来制作ssl证书?
2 个解决方案
解决方案1
0 2019-01-29 19:07:55
There is a middleware that enables http->https redirect and also handles the ACME-validation requests from Let's Encrypt. 
有一个中间件可以启用http-> https重定向,还可以处理来自Let's Encrypt的ACME验证请求。 As far as I can tell, it does not actually trigger the renewal, nor writes anything, but I believe that the ACME-scripts handle that as cron-jobs every 3 months or so, allowing you app to just validate automatically when they run. 据我所知,它实际上不会触发更新,也不会编写任何内容,但是我相信ACME脚本每3个月左右将其作为cron-jobs处理一次,从而使您的应用程序可以在运行时自动进行验证。 I haven't implemented this myself yet though. 我自己还没有实现。
I would also ask you to really consider using CloudFlare or some other SSL-termination service, as that also gives you a lot of other benefits like DDoS protection, some CDN-features etc. 我还请您考虑使用CloudFlare或其他一些SSL终止服务,因为这还为您带来了许多其他好处,例如DDoS保护,某些CDN功能等。
Docs: @sailshq/lifejacket 文件: @ sailshq / lifejacket
解决方案2
0 2019-01-31 04:45:15
As has been mentioned, you should consider the best overall solution in terms of CloudFlare or SSL-offload via nginx etc. 如前所述,就CloudFlare或通过nginx等进行的SSL卸载而言,您应该考虑最好的整体解决方案。
However, you can use greenlock-express.js for this to achieve SSL with LetsEncrypt directly within the Sails node environment. 但是,您可以为此使用greenlock-express.js在Sails节点环境中直接通过LetsEncrypt实现SSL。
The example below: 下面的例子:
- Configures an HTTP express app using greenlock on port 80 that handles the redirects to HTTPS and the LetsEncrypt business logic. 使用端口80上的greenlock配置HTTP Express应用程序,该应用程序处理到HTTPS和LetsEncrypt业务逻辑的重定向。
- Uses the greenlock SSL configuration to configure the primary Sails app as HTTPS on port 443. 使用greenlock SSL配置将主Sails应用配置为端口443上的HTTPS。
Sample configuration for config/local.js : config/local.js示例配置:
// returns an instance of greenlock.js with additional helper methods
var glx = require('greenlock-express').create({
server: 'https://acme-v02.api.letsencrypt.org/directory'
, version: 'draft-11' // Let's Encrypt v2 (ACME v2)
, telemetry: true
, servername: 'domainname.com'
, configDir: '/tmp/acme/'
, email: 'myemail@somewhere.com'
, agreeTos: true
, communityMember: true
, approveDomains: [ 'domainname.com', 'www.domainname.com' ]
, debug: true
});
// handles acme-challenge and redirects to https
require('http').createServer(glx.middleware(require('redirect-https')())).listen(80, function () {
console.log("Listening for ACME http-01 challenges on", this.address());
});
module.exports = {
port: 443,
ssl: true,
http: {
serverOptions: glx.httpsOptions,
},
};
Refer to the greenlock documentation for fine-tuning configuration detail, but the above gets an out-of-the-box LetsEncrypt working with Sails. 有关微调配置的详细信息,请参阅greenlock文档,但是上述内容使开箱即用的LetsEncrypt与Sails一起使用。
Note also, that you may wish to place this configuration in somewhere like config/env/production.js as appropriate. 还要注意,您可能希望将此配置适当地放在config/env/production.js类的地方。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.