Nginx & Node.js & Express 配置 HTTPS
购买
以阿里云示例,免费SSL证书购买地址:https://common-buy.aliyun.com/?spm=5176.2020520163.cas.1.zTLyhO&commodityCode=cas#/buy
补全
购买好证书之后,进行资料补全。 1.输入域名 2.填写资料 3.域名验证类型,选择DNS 4.系统生成CSR
下载
补全好之后,进行下载证书
Nginx配置
1.在nginx目录下新增cert目录 2.把下载好的包上传至cert目录下 3.修改nginx.conf,替换为以下内容
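server {
    # The `ssl` flag on `listen` replaces the standalone `ssl on;` directive,
    # which is deprecated and has been removed from recent nginx releases.
    listen 443 ssl;
    server_name localhost;  # presumably to be replaced with the domain the certificate was issued for

    root html;
    index index.html index.htm;

    # Certificate and private key, relative to the nginx configuration directory.
    ssl_certificate     cert/214799830030327.pem;  # certificate file
    ssl_certificate_key cert/214799830030327.key;  # private key file; keep it readable only by the account that starts nginx

    ssl_session_timeout 5m;

    # TLS 1.0 and 1.1 are deprecated (RFC 8996), so only 1.2 and 1.3 are offered.
    # TLSv1.3 needs nginx 1.13.0+ built against OpenSSL 1.1.1+; drop it on older builds.
    ssl_protocols TLSv1.2 TLSv1.3;

    # Forward-secret AEAD suites only. The previous list (ECDHE:ECDH:AES:HIGH)
    # also admitted CBC-mode and static-RSA key-exchange suites.
    # This directive governs TLS 1.2 and below; TLS 1.3 suites are negotiated separately.
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers on;

    location / {
        root html;
        index index.html index.htm;
    }
}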
4.重启nginx 5.https访问您的站点。
Node.js配置
1.安装node.js 2.编辑web.js内容
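const https = require('https');
const fs = require('fs');

// TLS material for the server. The relative paths are resolved against the
// directory the process is started from, so run `node web.js` next to the files.
// The private key must be readable by the user running Node and by nobody else.
const options = {
  key: fs.readFileSync('213949634960268.key'),
  cert: fs.readFileSync('213949634960268.pem'),
  // Refuse TLS 1.0/1.1 explicitly instead of relying on the runtime default.
  minVersion: 'TLSv1.2'
};

// Minimal HTTPS responder: every request gets a plain-text greeting.
const server = https.createServer(options, function (req, res) {
  res.writeHead(200, { 'Content-Type': 'text/plain; charset=utf-8' });
  res.end("hello world\n");
});

// Without a listener a failed listen() surfaces as an uncaught 'error' event.
// Binding to 443 usually needs elevated privileges on Unix-like systems, so
// report the failure clearly and exit non-zero.
server.on('error', function (err) {
  console.error('HTTPS server failed: ' + err.message);
  process.exit(1);
});

server.listen(443);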
3.启动 node web.js 4.访问您的站点
Express配置
1.修改 /bin/www 文件,写入以下代码
#!/usr/bin/env node
/**
* Module dependencies.
*/
var app = require('../app');
var debug = require('debug')('myapp:server');
var https = require('https');
const fs = require('fs');
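/**
 * TLS material for the HTTPS server.
 *
 * Both files are read synchronously at start-up, so the process fails fast if
 * either is missing or unreadable. The user running this script needs read
 * access to the private key; keep that file closed to every other account.
 */
const options = {
  key: fs.readFileSync('/etc/nginx/cert/214799830030327.key'),
  cert: fs.readFileSync('/etc/nginx/cert/214799830030327.pem'),
  // Refuse TLS 1.0/1.1 explicitly instead of relying on the runtime default.
  minVersion: 'TLSv1.2'
};

/**
 * Get port from environment and store in Express.
 */
var port = normalizePort(process.env.PORT || '9000');
app.set('port', port);

/**
 * Create the HTTPS server. It replaces the plain-HTTP server from the
 * generated template, so the app is served over TLS only.
 */
var servers = https.createServer(options, app);

/**
 * Listen on provided port, on all network interfaces.
 */
servers.listen(port);
servers.on('error', onError);
servers.on('listening', onListening);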
/**
 * Convert a raw port setting into a value suitable for `listen()`.
 *
 * @param {string} val - Raw setting, e.g. taken from the environment.
 * @returns {number|string|boolean} The parsed number when it is zero or
 *   greater, the original value when it does not parse as a number (treated
 *   as a named pipe), or `false` for a negative number.
 */
function normalizePort(val) {
  const parsed = Number.parseInt(val, 10);

  // Not numeric: hand the value back unchanged so it can name a pipe.
  if (Number.isNaN(parsed)) {
    return val;
  }

  // Non-negative numbers are usable ports; anything below zero is rejected.
  return parsed >= 0 ? parsed : false;
}
/**
 * Handler for the server's "error" event.
 *
 * Errors that did not come from `listen` are rethrown untouched. For the two
 * known listen failures a readable message is printed and the process exits
 * with status 1; any other listen error is rethrown.
 *
 * @param {Error} error - Error object carrying `syscall` and `code`.
 */
function onError(error) {
  if (error.syscall !== 'listen') {
    throw error;
  }

  // Describe what we tried to bind: a named pipe or a numeric port.
  const label = (typeof port === 'string' ? 'Pipe ' : 'Port ') + port;

  let reason;
  if (error.code === 'EACCES') {
    reason = ' requires elevated privileges';
  } else if (error.code === 'EADDRINUSE') {
    reason = ' is already in use';
  } else {
    throw error;
  }

  console.error(label + reason);
  process.exit(1);
}
/**
 * Handler for the server's "listening" event: writes the bound pipe or port
 * to the debug log.
 */
function onListening() {
  const address = servers.address();
  // address() yields a string for a pipe and an object with `port` otherwise.
  const where = typeof address === 'string'
    ? `pipe ${address}`
    : `port ${address.port}`;
  debug(`Listening on ${where}`);
}
2.重新访问您的站点
示例
https://downfuture.com:9000/api/v1/getCard
遇到问题
配置完成后,如果访问站点时出现“无法访问网站”的报错,可能是安全组没有开放 443 端口(若服务监听的是其他端口,例如上文 Express 示例中的 9000,则需要开放对应的端口)。