How can you get yourself a key and certificate pair for using in https?

Question

I am trying to use the https module in Node.js.

Here's the code:

var options = {
    key : <key comes here>,
    cert : <key comes here>
};

https.createServer(options, app).listen(app.get('port'));

Answer 1

You can use OpenSSL, A private key is created like this

openssl genrsa -out ryans-key.pem 1024

The first step to getting a certificate is to create a "Certificate Signing Request" (CSR) file. This is done with:

openssl req -new -key ryans-key.pem -out ryans-csr.pem

To create a self-signed certificate with the CSR, do this:

openssl x509 -req -in ryans-csr.pem -signkey ryans-key.pem -out ryans-cert.pem

To create .pfx or .p12, do this:

openssl pkcs12 -export -in agent5-cert.pem -inkey agent5-key.pem \
    -certfile ca-cert.pem -out agent5.pfx

Here is a simple example echo server

var tls = require('tls');
var fs = require('fs');

var options = {
  key: fs.readFileSync('server-key.pem'),
  cert: fs.readFileSync('server-cert.pem'),

  // This is necessary only if using the client certificate authentication.
  requestCert: true,

  // This is necessary only if the client uses the self-signed certificate.
  ca: [ fs.readFileSync('client-cert.pem') ]
};

var server = tls.createServer(options, function(cleartextStream) {
  console.log('server connected',
              cleartextStream.authorized ? 'authorized' : 'unauthorized');
  cleartextStream.write("welcome!\n");
  cleartextStream.setEncoding('utf8');
  cleartextStream.pipe(cleartextStream);
});
server.listen(8000, function() {
  console.log('server bound');
});

you can refer to http://nodejs.org/api/tls.html for more info,

Regards

Answer 2

Follow the openssl instructions found at the Node.js website.