nodejs/nodebestpractices
1
0
Fork 0
mirror of https://github.com/goldbergyoni/nodebestpractices.git synced 2025-11-03 03:36:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
nodebestpractices/sections/security/secureserver.md
root a7c8abe85c init
2018-09-15 17:32:12 +03:00

1.1 KiB
Raw Blame History

Using HTTPS to encrypt the client-server connection



One Paragraph Explainer

Using services like the Let'sEncrypt certificate authority providing free ssl/tls certificates, you can easily obtain a certificate to secure your application. Node.js frameworks like Express (based on the core https module) support ssl/tls based servers easily, so the configuration can be done in a few lines of additional code.

You can also configure ssl/tls on your reverse proxy pointing to your application for example using nginx or HAProxy.



Code Example Enabling SSL/TLS using the Express framework

const express = require('express');
const https = require('https');
const app = express();
const options = {
    // The path should be changed accordingly to your setup
    cert: fs.readFileSync('./sslcert/fullchain.pem'),
    key: fs.readFileSync('./sslcert/privkey.pem')
};
https.createServer(options, app).listen(443);