HTTPS server (SSL) Implementation in node.js

Node.js provides HTTP server as one of the core libraries. So there is no need for a separate HTTP server. But if you are developing any application in node.js which needs secure transactions then HTTPS server is necessary for it. So it can allow private information to be transmitted without the problems of eavesdropping, data tampering, or message forgery between your node.js server and your visitor’s browser.Developer should add SSL certificate in code to implement HTTPS server in node.js.

First i will let you know how to Create self-signed SSL certificate.

# Become root first
$ apt-get install openssl
$ mkdir /etc/ssl/self-signed && cd /etc/ssl/self-signed
$ openssl genrsa -des3 -out server.key 2048
$ openssl rsa -in server.key -out server.key.insecure
$ mv server.key server.key.secure && mv server.key.insecure server.key
$ openssl req -new -key server.key -out server.csr
$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Above commands will generate two files server.key(private key to SSL certificate) and server.crt(signed certificate) in /etc/ssl/self-signed folder.

Now create a file server.js in your system. And add following code in it :

//Include the https and ,file system modules
var https = require('https');
var fs = require('fs');

//Create the server options object, specifying the SSL key & cert
var options = {
key: fs.readFileSync('/etc/ssl/self-signed/server.key'),
cert: fs.readFileSync('/etc/ssl/self-signed/server.crt')
};

//Create the HTTPS enabled server - listening on port 443
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(443);

Code Explanation :
Following is line by line explanation of above code:

var https = require('https');
var fs = require('fs');

In above two lines we are adding HTTPS and FS modules which are required for SSL implementation. After including require modules we need to add SSL files (key and cert files) path. We have already generated self-signed SSL and its files are stored in /etc/ssl/self-signed folder.

var options = {
key: fs.readFileSync('/etc/ssl/self-signed/server.key'),
cert: fs.readFileSync('/etc/ssl/self-signed/server.crt')
};

In above code we are adding server.key and server.crt files path in options array variable. Now we need to create HTTPS server and pass this files through options variable to it.

https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(443);

In above code lines, we have created HTTPS server by using createServer method. In it we have passed options variable as a parameter which contains SSL files path. And this server is listening on port no 443 which is a HTTPS port.
If you buy authenticated SSL certificate from any trusted service provider then you will get .key and .crt files. Just save this files in your system and replace self-signed SSL files path with this new authenticated files in above code.
Now open terminal and goto path where you have saved server.js file in your system. And run following command:

node server.js

Now open your favourite browser and enter https://localhost in address bar and press enter key. You will get hello world text in browser. That means you have successfully implemented HTTPS server in node.js. Please note that if you are using any other port than 443 then please mention that port number in url. For example, if you are using port number 8443 then enter https://localhost: 8443 url in browser.

More Info : Node.js Https

About

My Name is Dileep Singh, Noder, Javascript Lover & NoSql Developer, Fitness Freak, Love to travel new places, learning photography & Music Manic ♯ ♩ ♬

Posted in Node.Js Tagged with:
2 comments on “HTTPS server (SSL) Implementation in node.js
  1. Adonis Valamontes says:

    Hi I am a newbie on the node.js scene, how would I install a comodo ssl certificate on my node.js server?

    Your thoughts?

    Thanks in advance!

  2. dileep says:

    You only have to include the CA( An authority certificate or array of authority certificates to check the remote host against.) in the options with the key and cert property like
    ” ca: fs.readFileSync(/path/to/CA/cert) ” .For more Info you can refer this http://www.benjiegillam.com/2012/06/node-dot-js-ssl-certificate-chain/ else i will write another post.