I've scoured Stack Overflow and the Express Google group, but I'm still coming up short.
From what I gather, I can do one of two things:
1) create an instance of an http server and an https server and set the two to listen to two different ports. In the routes, redirect the http request to the https port.
// app
var express = require("express");
// key and cert hold the PEM-encoded private key and certificate, loaded elsewhere
var app = express.createServer();
var app_secure = express.createServer({key: key, cert: cert});
app.listen(8080);
app_secure.listen(8443);
// routes
app.get("/unsecure/path", function(req, res) {
  // ...
});
app.get("/secure/path", function(req, res) {
  res.redirect("https://domain" + req.path);
});
app_secure.get("/secure/path", function(req, res) {
  res.send("secure page");
});
2) do what TJ Holowaychuk says: https://gist.github.com/1051583
var http = require("http");
var https = require("https");
var app = express.createServer({key: key, cert: cert});
http.createServer(app.handle.bind(app)).listen(8080);
https.createServer(app.handle.bind(app)).listen(8443);
When I do 1, there are generally no problems. However, it feels clunky to manage two servers and I really feel like there should be a better way.
When I do 2, I get this:
(node SSL) error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
Of course, I can just default to option 1, but I really, really want to know why I'm getting that "no shared cipher error" when I do option 2. And option 2 would be my preferred route.
There isn't a simple way to have http / https listen on the same port. Your best bet is to create a proxy server on a simple net socket that pipes to (http or https) based on the nature of the incoming connection (http vs. https). The connection gets refused for the HTTPS redirect.
You should now understand how to set up a NodeJS HTTPS web service using the Express framework. By simply installing the Express NodeJS package and creating a simple configuration script, you can have a secure web service running over HTTPS.
We will perform HTTP to HTTPS redirection by creating an Express middleware function [1] and then, inside that function, write the redirection code that will force Express to use HTTPS. The middleware function provides access to the Express req and res objects and the next function that we will need.
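The middleware described above could look like the following. This is an added example, not code from the original page; `requireHttps`, `ALLOWED_HOSTS` and `HTTPS_PORT` are assumed names with constructed values. It uses only Node's own response methods, so it runs under Express or a plain `http` server.

```javascript
// Assumed values: replace with your own host names and HTTPS listener port.
const ALLOWED_HOSTS = new Set(['example.com', 'www.example.com']);
const HTTPS_PORT = 8443; // the HTTPS port used in the question above

function requireHttps(allowedHosts, httpsPort) {
  return function (req, res, next) {
    // Express sets req.secure; fall back to the raw socket for plain Node servers.
    const secure = req.secure === true || Boolean(req.socket && req.socket.encrypted);
    if (secure) {
      // HSTS: browsers that have seen this header skip plain HTTP on later visits.
      res.setHeader('Strict-Transport-Security', 'max-age=31536000');
      return next();
    }
    // The Host header is client-controlled: strip the port and accept only known
    // names, otherwise the redirect could point users at an arbitrary site.
    const host = String(req.headers.host || '').replace(/:\d+$/, '').toLowerCase();
    const path = req.originalUrl || req.url || ''; // Express keeps the full path in originalUrl
    if (!allowedHosts.has(host) || path[0] !== '/') {
      res.statusCode = 400;
      return res.end('Bad Request');
    }
    // Redirect only GET/HEAD: other methods may already have sent a body in clear
    // text, so refuse them instead of silently redirecting.
    if (req.method !== 'GET' && req.method !== 'HEAD') {
      res.statusCode = 403;
      return res.end('HTTPS required');
    }
    const port = httpsPort === 443 ? '' : ':' + httpsPort;
    res.statusCode = 301;
    res.setHeader('Location', 'https://' + host + port + path);
    return res.end();
  };
}

// Usage in Express (register before any routes):
//   app.use(requireHttps(ALLOWED_HOSTS, HTTPS_PORT));
```

Behind a TLS-terminating proxy, `req.secure` is only accurate when Express's `trust proxy` setting is configured for that proxy.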
Go to the terminal and run the following command. After creating them, add the key and cert files to your code and pass the options to the server.
const express = require('express');
const https = require('https');
const fs = require('fs');
const port = 3000;
var key = fs.readFileSync(__dirname + '/../certs/selfsigned.
Following @ypocat's comment, you can enable https in your express.js application like so:
var http = require('http');
var https = require('https');
var express = require('express');
var fs = require('fs');
var app = express.createServer();
// customize your app as usual
app.configure(function () { /* ... */ });
app.configure('production', function () { /* ... */ });
// ....
// attach the express handler function to TWO servers, one for http and one for https
http.createServer(app.handle.bind(app)).listen(8080);
https.createServer({
  ca: fs.readFileSync('./server.ca-bundle'),
  key: fs.readFileSync('./server.key'),
  cert: fs.readFileSync('./server.crt')
}, app.handle.bind(app)).listen(8081);
Note that you should receive server.ca-bundle, server.key and server.crt from a certificate authority.
Also, as you will probably run node without sudo, you need to make sure ports 80 (http) and 443 (https) are open
# in Ubuntu
sudo ufw status
sudo ufw allow 80
sudo ufw allow 443
and to forward requests on 8080 to 80 and from 8081 to 443 respectively
# in Ubuntu
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8081
Hope this helps