Chia Sẽ Kinh Nghiệm Về IT



Tìm Kiếm Với Google
-


Gởi Ðề Tài Mới  Gửi trả lời
 
Công Cụ Xếp Bài
Tuổi 18-08-2021, 05:12 PM   #1
hoctinhoc
Guest
 
Trả Lời: n/a
Hướng dẫn cài đặt ssl let's encrypt trên Node JS
Hướng dẫn cài đặt ssl let's encrypt trên Node JS




[IMG]https://miro.medium.com/max/1400/1*tuufwZ37Yd0ialLOmr4aPg.jpeg[/IMG]

HTTPS is the basic security setting for all websites. To enable HTTPS and avoid the annoying “certificate not trusted error” on browsers, you need to get a certificate from a trusted issuer and install it on your server.
Let’s Encrypt is a free, automated, and open Certificate Authority. With letsencrypt, you can secure your server with HTTPS for free.
In this post, I will introduce how to secure your nodejs server with letsencrypt-express (now renamed to greenlock-express). Although there is an express in the name, you can still use it in your non-express nodejs server.
First, let’s create a test server:
Trích dẫn:
const http = require('http');function handler(req, res) {
res.end('Hello World!');
}http.createServer(handler).listen(80);
It listens on port 80 and response ‘Hello World!’ to any request.
Next, you need to enable HTTPS by starting an https server:


Trích dẫn:
const http = require('http');
const https = require('https');function handler(req, res) {
res.end('Hello World!');
}http.createServer(handler).listen(80);
https.createServer(handler).listen(443)
The https server does not work now, as you haven’t specify any certificate for it yet.
Now use letsencrypt-express (greenlock-express) to create a handler wrapper: (2018–05–20: the following code has been updated to support Let’s Encrypt v2)



Trích dẫn:
const PROD = false;const lex = require('greenlock-express').create({
version: 'draft-11', server: PROD ? 'https://acme-v02.api.letsencrypt.org/directory' : 'https://acme-staging-v02.api.letsencrypt.org/directory', approveDomains: (opts, certs, cb) => {
if (certs) {
// change domain list here
opts.domains = ['example.com', 'yourdomain.com']
} else {
// change default email to accept agreement
opts.email = 'youremail@here.com';
opts.agreeTos = true;
}
cb(null, { options: opts, certs: certs });
} // optional: see "Note 3" at the end of the page
// communityMember: true});const middlewareWrapper = lex.middleware;
You need to change the domain list and default email in approveDomains function according to your own needs.
The returned object middlewareWrapper is a function, which takes any handler with the following form, and returns a middleware with the same form:


Trích dẫn:
function(req, res, next)
This is good, because it can be used in different web frameworks. Now wrap your https request handler with it:


Trích dẫn:
https.createServer(
lex.httpsOptions,
middlewareWrapper(handler)
).listen(433);
That’s it! Test your server with HTTPS, if every thing is ok, set PROD to true, restart, and your server is well protected by HTTPS.


Tham khảo: https://medium.com/@bohou/secure-you...e-f8925742faa9
  Trả lời ngay kèm theo trích dẫn này
Gửi trả lời


Công Cụ
Xếp Bài

Quyền Hạn Của Bạn
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is Mở
Hình Cảm xúc đang Mở
[IMG] đang Mở
Mã HTML đang Tắt




Bây giờ là 05:39 AM. Giờ GMT +7



Diễn đàn tin học QuantriNet
quantrinet.com | quantrimang.co.cc
Founded by Trương Văn Phương | Developed by QuantriNet's members.
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.