stackoom
  简体   繁体   中英

getting public ssl certificate for node.js server

 原文  2019-11-28 20:16:22       javascript/ node.js/ ssl/ amazon-ec2/ https

Question

I am running a node.js express server on my aws ac2 linux instance. I need to expose it through https to work properly with the react app that pulls data from it. I was able to generate my own ssl certificate but it will not be recognized by other users and the client app will through an error.

Could you please explain how can i get a public ssl certificate just for the node server. The server uses an ip address like xxx.xx.xx.xx:4500/endpoint. Aws seems to offer ssl but only if you pay for its load balancer and I do not want to do that.

Is there a way to verify the certificate that i generated with openssl so i can use it publicly?

Here is my basic setup:

const express = require('express');
const cors = require('cors');
const mysql = require('mysql');
const moment = require('moment');
var fs = require('fs');
const https = require('https')

const app = express();

xxx

https.createServer({key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.cert')}, app).listen(4500, () => {
    console.log('Listening...')
  })

Thank you in advance!

3 answers

solution1
 3 ACCPTED  2019-11-28 21:23:56

OpenSSL itself is a tool to create self-signed certificates. Those certificates are never trusted by the browser.

Instead, you can use Let's Encrypt with this command:

apt install certbot

certbot certonly --standalone -d example.com

Let's Encrypt is a trusted entity, so their certificates are valid.

Your new certificates will be on a path like this:

/etc/letsencrypt/live/example.com

As others suggested, you will need one domain. You can get one free on sites like Freenom .

solution2
 0  2019-11-28 20:54:21

If you in a region where Amazon Certificate Manager is suported, You can get a SSL certificate for free. https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html

In order to apply ssl certificate, The easiest way is to use it on a load balancer. Check my answer to this question Apollo Server on Ubuntu 18.04 EC2 instance with HTTPS .

If you want to use the certificate directly on EC2. try the following. I haven't tried this myself. https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-export-private.html

Also i have seen people using https://letsencrypt.org/ to get certs.

solution3
 0  2019-11-28 20:54:44

Your self-signed certificate won't be trusted by the browser.

One solution would be to get yourself a domain and then a free SSL certificate issued by Let's Encrypt. This would remove the error because Let's Encrypt certificates are trusted by all major browsers.

Another solution is to get the free plan of Cloudflare, which includes an SSL certificate. More info here .

There is the possibility to secure your IP with an SSL certificate but there are no free solutions for this.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Node js express server on GCP VM giving SSL error Getting an error when deploying firebase with node.js Getting/Setting metadata in google cloud storage - node.js Node.js failed to upload image file to firebase from the server Where to install Public TLS/SSL Certificate for private service in AWS Cloud? Node.js MongoDB ECONNREFUSED Keep getting the "ConfigError: Missing region in config" error in Node.js no matter what I do Deleting a table in Big Query via Node.js API, and getting ENOENT: no such file or directory AWS SDK S3 node.js connect to local MinIO server How do I leave Node.js server on EC2 running forever?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM