How to create an HTTPS server in Node.js?
给定一个SSL密钥和证书,如何创建HTTPS服务?
Express API文档对此进行了清楚的说明。
此外,此答案还提供了创建自签名证书的步骤。
我已经从Node.js HTTPS文档中添加了一些注释和摘录:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | var express = require('express'); var https = require('https'); var http = require('http'); var fs = require('fs'); // This line is from the Node.js HTTPS documentation. var options = { key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'), cert: fs.readFileSync('test/fixtures/keys/agent2-cert.cert') }; // Create a service (the app object is just a callback). var app = express(); // Create an HTTP service. http.createServer(app).listen(80); // Create an HTTPS service identical to the HTTP service. https.createServer(options, app).listen(443); |
我发现以下示例。
https://web.archive.org/web/20120203022122/http://www.silassewell.com/blog/2010/06/03/node-js-https-ssl-server-example/
这适用于节点v0.1.94-v0.3.1。
直接从该来源:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | const crypto = require('crypto'), fs = require("fs"), http = require("http"); var privateKey = fs.readFileSync('privatekey.pem').toString(); var certificate = fs.readFileSync('certificate.pem').toString(); var credentials = crypto.createCredentials({key: privateKey, cert: certificate}); var handler = function (req, res) { res.writeHead(200, {'Content-Type': 'text/plain'}); res.end('Hello World '); }; var server = http.createServer(); server.setSecure(credentials); server.addListener("request", handler); server.listen(8000); |
谷歌搜索" node https"时发现了这个问题,但是接受的答案中的示例很旧-取自当前(v0.10)版本的docs,看起来应该像这样:
1 2 3 4 5 6 7 8 9 10 11 12 13 | var https = require('https'); var fs = require('fs'); var options = { key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'), cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem') }; https.createServer(options, function (req, res) { res.writeHead(200); res.end("hello world "); }).listen(8000); |
上面的答案很好,但是使用Express和node可以正常工作。
由于express为您创建了应用程序,因此在此将其跳过。
1 2 3 4 5 6 7 8 9 | var express = require('express') , fs = require('fs') , routes = require('./routes'); var privateKey = fs.readFileSync('cert/key.pem').toString(); var certificate = fs.readFileSync('cert/certificate.pem').toString(); // To enable HTTPS var app = module.exports = express.createServer({key: privateKey, cert: certificate}); |
Node.js中HTTPS服务器的最小设置如下所示:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | var https = require('https'); var fs = require('fs'); var httpsOptions = { key: fs.readFileSync('path/to/server-key.pem'), cert: fs.readFileSync('path/to/server-crt.pem') }; var app = function (req, res) { res.writeHead(200); res.end("hello world "); } https.createServer(httpsOptions, app).listen(4433); |
如果您还想支持http请求,则只需进行以下小的修改即可:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | var http = require('http'); var https = require('https'); var fs = require('fs'); var httpsOptions = { key: fs.readFileSync('path/to/server-key.pem'), cert: fs.readFileSync('path/to/server-crt.pem') }; var app = function (req, res) { res.writeHead(200); res.end("hello world "); } http.createServer(app).listen(8888); https.createServer(httpsOptions, app).listen(4433); |
更新资料
通过Greenlock.js使用"让我们加密"
原始帖子
我注意到,这些答案都没有表明在链中添加了中间根CA,下面是一些零配置示例,您可以使用这些示例来查看:
- https://github.com/coolaj86/nodejs-ssl-example
- http://blog.coolaj86.com/articles/how-to-create-a-csr-for-https-tls-ssl-rsa-pems/
- https://github.com/coolaj86/nodejs-self-signed-certificate-example
片段:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | var options = { // this is the private key only key: fs.readFileSync(path.join('certs', 'my-server.key.pem')) // this must be the fullchain (cert + intermediates) , cert: fs.readFileSync(path.join('certs', 'my-server.crt.pem')) // this stuff is generally only for peer certificates //, ca: [ fs.readFileSync(path.join('certs', 'my-root-ca.crt.pem'))] //, requestCert: false }; var server = https.createServer(options); var app = require('./my-express-or-connect-app').create(server); server.on('request', app); server.listen(443, function () { console.log("Listening on" + server.address().address +":" + server.address().port); }); var insecureServer = http.createServer(); server.listen(80, function () { console.log("Listening on" + server.address().address +":" + server.address().port); }); |
如果您不尝试直接通过connect或express进行操作,而这却是一件容易的事,但是让本机
另外,如果在创建服务器时使用
若要使您的应用程序分别监听端口
创建一个快速应用程序:
1 2 | var express = require('express'); var app = express(); |
您可以按照以下方式进行操作:
1 2 3 4 5 6 7 8 9 10 11 12 13 | var express = require('express'); var https = require('https'); var http = require('http'); var fs = require('fs'); var app = express(); var options = { key: fs.readFileSync('/path/to/key.pem'), cert: fs.readFileSync('/path/to/cert.pem') }; http.createServer(app).listen(80); https.createServer(options, app).listen(443); |
有关完整的详细信息,请参阅文档
您还可以使用Fastify框架对此进行归档:
1 2 3 4 5 6 7 8 9 10 11 12 | const { readFileSync } = require('fs') const Fastify = require('fastify') const fastify = Fastify({ https: { key: readFileSync('./test/asset/server.key'), cert: readFileSync('./test/asset/server.cert') }, logger: { level: 'debug' } }) fastify.listen(8080) |
(如果需要编写测试,请运行
当我们输入命令提示符时,openssl.cnf可以放在任何地方,但路径应该正确。
5,在cmd中运行它:C: openssl-0.9.8r-i386-win32-rev2> openssl.exe
10。然后运行Openssl> rsa -in server.enc.key -out server.key
谢谢
1 2 3 4 5 6 7 8 9 10 11 | var path = require('path'); var express = require('express'); var app = express(); var staticPath = path.join(__dirname, '/public'); app.use(express.static(staticPath)); app.listen(8070, function() { console.log('Server started at port 8070'); }); |