[英]Generating an SSL Key to work with node.js
I'm working to setup a SSL via GoDaddy to use with my node.js server on AWS EC2. 我正在通过GoDaddy设置SSL以与AWS EC2上的node.js服务器一起使用。 I've been unable to get it to work. 我一直无法让它发挥作用。
Here's what I've tried: 这是我尝试过的:
Intended for the domain: files.mysite.com 适用于域名:files.mysite.com
On the server I run: 在我运行的服务器上:
$ openssl req -new -newkey rsa:2048 -nodes -keyout files.mysite.key -out files.mysite.csr
Common Name: files.mysite.com
password: left empty
I then get the CSR: vim files.mysite.csr 然后我得到CSR:vim files.mysite.csr
I copy and paste from: 我复制并粘贴:
-----BEGIN CERTIFICATE-----
......... lots of stuff
-----END CERTIFICATE-----
There is an extra empty line at the end, which I leave and paste into the GoDaddy interface using rekey. 最后有一个额外的空行,我将其留下并使用重定密钥粘贴到GoDaddy界面。
I then download the godaddy key which provides: 然后我下载godaddy键,它提供:
gd_bundle.crt
files.mysite.com.crt
Then in node I insert: 然后在节点I中插入:
key: fs.readFileSync('server.key').toString(),
cert: fs.readFileSync('server.crt').toString()
I'm not sure what server.key is or server.crt given that GoDaddy provides two crt files? 鉴于GoDaddy提供了两个crt文件,我不确定server.key是什么或者是server.crt?
Can you help? 你能帮我吗?
GoDaddy uses an intermidiate certificate to sign your certificate. GoDaddy使用中间证书签署您的证书。 This has several advantages to both you and GoDaddy. 这对你和GoDaddy都有几个好处。 But it takes a bit more work to get it to work (just a bit, mostly googling around). 但要让它发挥作用需要更多的工作(只是一点点,主要是谷歌搜索)。
In node.js you can install them like this: 在node.js中,您可以像这样安装它们:
require('https').createServer({
key: fs.readFileSync('files.mysite.com.key'),
cert: fs.readFileSync('files.mysite.com.crt'),
ca: [fs.readFileSync('gd_bundle.crt')] // <----- note this part
}, app).listen(443);
You should use .crt
and .key
files at the creation of your http server instance. 您应该在创建http服务器实例时使用.crt
和.key
文件。 The following snippet will give you the idea : 以下代码段将为您提供以下内容:
require('https').createServer({
key: fs.readFileSync('/path/to/something.key'),
cert: fs.readFileSync('/path/to/something.crt'),
}, app).listen(443);
If you have a passphrase for your key, you can pass it though as follows : 如果您有密钥的密码,则可以按如下方式传递密码:
require('https').createServer({
key: fs.readFileSync('/path/to/something.key'),
cert: fs.readFileSync('/path/to/something.crt'),
passphrase: 'your_secret_passpahrase'
}, app).listen(443);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.