
How to set up dual http and https servers behind a load balancer like elastic balancer

I have a nodejs+expressjs application that only needs to operate normally on http. I added a couple of admin views to the app and serve these views via https using authentication and my own self-signed certificates. This means running both http and https servers in my app. On my local system, this works just fine with the https certificates residing in my "donotcheckin" directory.

Now I'm trying to get it running on a load balanced elastic beanstalk setup. I've uploaded the certificate and private key via IAM and that seems to work (both http and https urls for my eb application are reachable).

What I am confused on now is how to deploy the http and https servers in my application code. Please help by shedding some light on these 2 options (or suggest other options).

  1. Since the load balancer already takes care of https, can I just drop the https server altogether? If so, is there header info that the load balancer is guaranteed to pass on to the application's standard http server so that it can detect whether admin views are being accessed securely?

  2. I can also leave the certificates on the load-balancer as well as the application's https server. However, in this elastic beanstalk autoscaling environment, what is the right way to give this https server access to the cert and private key files?

Thank you for your help.

  1. Like you stated, you may configure the ELB to forward all HTTPS and HTTP traffic to your application's http server, eliminating the need to handle any https configuration in your application. You may refer to the 'X-Forwarded-Proto' header to detect whether the request is coming through as http vs https.

    For my use case, I forward all traffic to https, so I simply redirect if the header type is http:

        // Redirect plain-http requests to https, except in development.
        app.use(function (req, res, next) {
          if (req.headers['x-forwarded-proto'] == 'http' && process.env.NODE_ENV !== "development") {
            res.redirect('https://' + req.headers.host + req.path);
          } else {
            next();
          }
        });

  2. If you'd prefer to keep the cert in the App, then it would be as simple as leaving them somewhere in your app directory and loading them when you create the server, like this
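
For option 1, an added example (not part of the answer above and not code from the asker's application): a dependency-free middleware that gates the admin views on `X-Forwarded-Proto`. `CANONICAL_HOST` and the `/admin` mount point are assumptions, and the header is only meaningful when the instances accept traffic solely from the load balancer.

```javascript
'use strict';
// Hypothetical public hostname (assumption). Redirecting to a fixed name
// avoids echoing a client-supplied Host header into the Location header.
const CANONICAL_HOST = 'app.example.com';

// True only when every hop recorded in X-Forwarded-Proto is https.
// A missing or empty header counts as insecure, so a request that did not
// pass through the load balancer is never treated as an HTTPS request.
function isForwardedHttps(req) {
  const raw = req.headers['x-forwarded-proto'];
  if (typeof raw !== 'string') return false;
  return raw.split(',').every((hop) => hop.trim().toLowerCase() === 'https');
}

// Middleware for the admin routes only, e.g. app.use('/admin', requireHttps)
// in Express; the rest of the application keeps working over plain http.
function requireHttps(req, res, next) {
  if (isForwardedHttps(req)) return next();
  if (req.method === 'GET' || req.method === 'HEAD') {
    // Express strips the mount prefix from req.url; originalUrl keeps the
    // full path and query string.
    const target = req.originalUrl || req.url;
    res.statusCode = 301;
    res.setHeader('Location', 'https://' + CANONICAL_HOST + target);
    return res.end();
  }
  // Refuse, rather than redirect, requests that may carry a body
  // (login forms, admin actions) when they arrive over plain http.
  res.statusCode = 403;
  return res.end('HTTPS required');
}
```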
