I am trying to create a secure node.js server to use with my site that is using ssl (https).
const crypto = require('crypto'),
fs = require("fs"),
http = require("http");
var privateKey = fs.readFileSync('/home/privatekey.pem');
var certificate = fs.readFileSync('/home/certificate.pem');
var credentials = crypto.createCredentials({key: privateKey.toString(), cert: certificate.toString()});
var handler = function (req, res) {
res.writeHead(200, {'Content-Type': 'text/plain'});
res.end('Hello World\n');
};
var server = http.createServer();
server.setSecure(credentials);
server.addListener("request", handler);
server.listen(8084);
But when I start my server, I get the following error:
node.js:116
throw e; // process.nextTick error, or 'error' event on first tick
^
TypeError: Object #<Server> has no method 'setSecure'
at Object.<anonymous> (/home/meshdev/public_html/js/node/server/test.js:16:8)
at Module._compile (module.js:380:26)
at Object..js (module.js:386:10)
at Module.load (module.js:312:31)
at Function._load (module.js:273:12)
at Array.<anonymous> (module.js:399:10)
at EventEmitter._tickCallback (node.js:108:26)
My server works great without the server.setSecure(credentials);
line. I am running node.js(V0.4.1).
I would appreciate any suggestions.
Thank you.
The easiest solution to resolve these errors is to use the “rejectUnauthorized” option shown below. However, this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack.
HTTPS is a separate module in Node. js and is used to communicate over a secure channel with the client. HTTPS is the HTTP protocol on top of SSL/TLS(secure HTTP protocol).
However, by default, most Node. js applications don't have an access control mechanism, so users can easily access any sensitive information.
HTTPS implementation was re-done in Node.JS 0.4. See the corresponding docs at nodejs.org.
Example from the docs:
var tls = require('tls');
var fs = require('fs');
var options = {
key: fs.readFileSync('server-key.pem'),
cert: fs.readFileSync('server-cert.pem')
};
tls.createServer(options, function (s) {
s.write("welcome!\n");
s.pipe(s);
}).listen(8000);
this setup allowed me to connect to my socket.io server ssl (HTTPS/WSS)
http=require('https'),io=require('socket.io'),fs=require('fs');
var privateKey = fs.readFileSync('ssl/nginx.key');
var certificate = fs.readFileSync('ssl/nginx.crt');
var options = {key: privateKey,cert: certificate};
var server = http.createServer(options);
server.listen(3000);
io = io.listen(server);
I have worked on the https secure with the ssl here is the working code for making the https and http
var fs = require('fs');
var http = require('http');
var https = require('https');
var debug = require('debug')('expressapp');
var app = require('../app');
var CONSTANTS = require('../config/CONSTANTS.js');
var AWS = require('aws-sdk');
var certificate =fs.readFileSync('ssl/server.crt',{encoding:'utf8'},function(err, data ) {
console.log( data );});
var privateKey = fs.readFileSync('ssl/server.key',{encoding:'utf8'},function(err, data ) {
console.log( data );});
var credentials = {
key: privateKey,
cert: certificate,
rejectUnauthorized:false
};
// UNCOMMENT THIS LINE AFTER INSTALLING CA CERTIFICATE
//credentials.ca = fs.readFileSync('ssl/server.crt', 'utf8');;
var httpServer = http.createServer(app);
var httpsServer = https.createServer(credentials, app);
httpServer.listen(CONSTANTS.PORT.HTTP, function() {
console.log('HTTP server listening on port ' + CONSTANTS.PORT.HTTP);
}) ;
httpsServer.listen(CONSTANTS.PORT.HTTPS, function() {
console.log('HTTPS server listening on port ' + CONSTANTS.PORT.HTTPS);
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With