stackoom
  简体   繁体   中英

Enabling HTTPS on an express server

 原文  2015-12-11 04:25:42       javascript/ node.js/ express/ https

Question

I'm trying to configure my express server to use HTTPS but I am running into some issues. I followed the documentation to setup my HTTPS server but I am still encountering some errors.

Here's my app.js 

 var express = require('express'); var app = express(); var server = require('https').createServer(options, app); var io = require('socket.io')(server); var port = process.env.PORT || 3000; var fs = require('fs'); var options = { key: fs.readFileSync('/test/key.pem'), cert: fs.readFileSync('/test/cert.pem') }; server.listen(port, function () { console.log('Server listening at port %d', port); });

When starting my server I encounter

https.js:32 if (process.features.tls_npn && !opts.NPNProtocols) { ^ TypeError: Cannot read property 'NPNProtocols' of undefined at new Server (https.js:32:40) at Object.exports.createServer (https.js:56:10)

So, I tried to define NPNProtocols within options, but that did not work. Anyone have any pointers here? Thank you.

2 answers

solution1
 1 ACCPTED  2015-12-11 04:34:47

try this once, i think you should have certificate in .crt format. and you will require tls module. 

var sslOptions = {
        key: fs.readFileSync('public/server.key'),
        cert: fs.readFileSync('public/server.crt')
};
tls.createServer(sslOptions, function (cleartextStream) {
    var cleartextRequest = net.connect({
        port: port,
        host: serverStr
    }, function () {
        cleartextStream.pipe(cleartextRequest);
        cleartextRequest.pipe(cleartextStream);
    });
}).listen(443);

port is you http port . and sercerStr is you server address.

solution2
 1  2017-11-16 22:37:10

IMO, the issue is not with the extension of the keys, rather the ssl configuration used. Use https node module with correct ssl options for ca, cert, and key to enable https with express. 

// server/index.js
const express = require('express');
const fse = require('fs-extra');
const helmet = require('helmet');
const https = require('https');
const path = require('path');

// path to cert files
const paths = {
  certFile: '/path/to/cert.pem',
  chainFile: '/path/to/fullchain.pem',
  privateFile: '/path/to/privkey.pem',
};

/* Express implementation (ignore) */
const app = express();
app.use(helmet());
app.use(express.static(path.join(__dirname, '..')));
app.get('/', (request, response) => {
  response.sendFile(path.join('index.html'));
});

// setup https
const setupHttps = () => {
  const promises = [
    fse.readFile(paths.chainFile),
    fse.readFile(paths.privateFile),
    fse.readFile(paths.certFile),
  ];

  return Promise
    .all(promises)
    .then(data => {
      const [ chainData, privateData, certData ] = data;
      const options = {
        ca: chainData.toString('utf-8'),
        cert: certData.toString('utf-8'),
        key: privateData.toString('utf-8'),
      };
      return https.createServer(
        options,
        app
      ).listen(443);
    })
    .catch(err => console.log(err));
};

return setupHttps();

EDIT: I used helmetjs for better security with http headers.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Variable HTTP/HTTPS Express Server Is this the rightway to redirect HTTP request to HTTPS in express server? how to set up a HTTPS server using express Creating an HTTPs server with Node.js and Express express.js https server noob Express.js HTTPS not starting server Express Gateway enabling logs Enabling http compression with express How to avoid “Site not secure” on an HTTPS configured Express server Trying to run express node js as https server but it won't run
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM