Install Entrust SSL certificate in Node express application

Question

I'm not sure how to pass in the given certificates to start the https server. Entrust provided the following files:
1. Root certificate. (.txt)
2. Chain root cert file. (.txt)
3. Chain certificate. (.txt)
4. Server certificate. (.crt)

My express app currently takes:

exports.key1 = {
    key:'./server/config/keys/server.key', // ?
    cert:'./server/config/keys/server.crt', // ?
    ca:'./server/config/keys/ca.csr' //given to entrust to generate their cert
};

I'm not sure how to modify the key to match the new files.

Answer 1

Once you've concatenated your certificates, instructions for this are provided by your issuer, you'll need to read them from the file system and provide them to http.createServer() to create a SSL server object. From the documentation:

var https = require('https');
var fs = require('fs');

var options = {
  key: fs.readFileSync('path/to/agent-key.pem'),
  cert: fs.readFileSync('path/to/agent-cert.pem')
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}).listen(8000);

Usually, you'll wrap the options block in a flag to check whether you are in production or development. For production, you'll read the certificates from a secure, pre-defined path, whilst for development you can generate these and provide them in a root project folder fixtures/ , which you can also distribute with the project repository if it's more convenient. Use the following to create a self-issued certificate for development:

openssl req -batch \
    -new -x509 -sha256 -newkey rsa:2048 -nodes -days 365 \
        -keyout fixtures/dev.key \
        -out fixtures/dev.crt;