在快速服务器上启用HTTPS

时间:2015-12-11 04:25:43

标签: javascript node.js express https

我尝试将我的快速服务器配置为使用HTTPS,但我遇到了一些问题。我按照文档来设置我的HTTPS服务器,但我仍然遇到一些错误。

这是我的app.js



 
var express = require('express');
var app = express();
var server = require('https').createServer(options, app);
var io = require('socket.io')(server);
var port = process.env.PORT || 3000;
var fs = require('fs');

var options = {
  key: fs.readFileSync('/test/key.pem'),
  cert: fs.readFileSync('/test/cert.pem')
};

server.listen(port, function () {
  console.log('Server listening at port %d', port);
});




启动我的服务器时遇到

https.js:32 if (process.features.tls_npn && !opts.NPNProtocols) { ^ TypeError: Cannot read property 'NPNProtocols' of undefined at new Server (https.js:32:40) at Object.exports.createServer (https.js:56:10)

因此,我尝试在选项中定义NPNProtocols,但这不起作用。任何人都有指点吗? 谢谢。

2 个答案:

答案 0 :(得分:1)

尝试一次,我认为你应该有.crt格式的证书。你将需要tls模块。

var sslOptions = {
        key: fs.readFileSync('public/server.key'),
        cert: fs.readFileSync('public/server.crt')
};
tls.createServer(sslOptions, function (cleartextStream) {
    var cleartextRequest = net.connect({
        port: port,
        host: serverStr
    }, function () {
        cleartextStream.pipe(cleartextRequest);
        cleartextRequest.pipe(cleartextStream);
    });
}).listen(443);

端口是你的http端口。和sercerStr是你的服务器地址。

答案 1 :(得分:1)

IMO,问题不在于密钥的扩展,而是使用的ssl配置。使用https节点模块和ca, cert, and key的正确ssl选项启用https with express。

// server/index.js
const express = require('express');
const fse = require('fs-extra');
const helmet = require('helmet');
const https = require('https');
const path = require('path');

// path to cert files
const paths = {
  certFile: '/path/to/cert.pem',
  chainFile: '/path/to/fullchain.pem',
  privateFile: '/path/to/privkey.pem',
};

/* Express implementation (ignore) */
const app = express();
app.use(helmet());
app.use(express.static(path.join(__dirname, '..')));
app.get('/', (request, response) => {
  response.sendFile(path.join('index.html'));
});

// setup https
const setupHttps = () => {
  const promises = [
    fse.readFile(paths.chainFile),
    fse.readFile(paths.privateFile),
    fse.readFile(paths.certFile),
  ];

  return Promise
    .all(promises)
    .then(data => {
      const [ chainData, privateData, certData ] = data;
      const options = {
        ca: chainData.toString('utf-8'),
        cert: certData.toString('utf-8'),
        key: privateData.toString('utf-8'),
      };
      return https.createServer(
        options,
        app
      ).listen(443);
    })
    .catch(err => console.log(err));
};

return setupHttps();

编辑:我使用helmetjs来提高http标头的安全性。

相关问题
最新问题