{{announcement.body}}
{{announcement.title}}

Generating a Trusted SSL Certificate (Node Example)

DZone 's Guide to

Generating a Trusted SSL Certificate (Node Example)

In this article, we discuss basics behind SSL Certificates and how to generate one with minimal overhead and add it to your server with Node.

· Security Zone ·
Free Resource

An SSL Certificate is a file that helps browsers recognize that a domain name belongs to a server owner (as well as it's information like name, location, company, etc). 

So, if you host your website without certificates, browsers will show users that the site is unsafe and might block the site itself or disable video/audio on it.

Ways to Generate SSL Certificates

1. Self-Signed Certificate

Such a certificate also won't be trusted by browsers. And you would need to ask all users to add that certificate in a trusted list in your browser's settings. It might work only for internal users. Otherwise, users will see something like this:

Connection is not secure

Connection is not secure

2. Generate a Certificate Signed by a Certificate Authority 

The Let's Encrypt Foundation helps generate certificates that will be recognized as trusted in all browsers. In order to simplify certificate generation, you can use a fully automated service called certbot. Here's what you need to do to generate a certificate with cerbot:

  1. Attach your domain name to your server.
  2. Login to your server via ssh as root.
  3. Install certbot on your server and execute a set of commands.
  4. Wait until your certificate being recognized by browser (10 mins or so).
You may also like: Everything About HTTPS and SSL (Java).

Depending on your web server and operating system, you fill find the corresponding set of instructions in certbot's documentation.

Once you install certbot and execute the commands to generate your certificate, you will find certificate files in the /etc/letsencrypt/live/domain folder.

For your HTTPS server, you only need two files: cert.pem and privkey.pem

You can then use those files to create a secure server with Node.js with the following script:

JavaScript




x
14


1
var nodeStatic = require('node-static');
2
var https = require('https');
3
var file = new (nodeStatic.Server)();
4
const fs = require('fs');
5
 
          
6
const options = {
7
    key: fs.readFileSync('/etc/letsencrypt/live/domain/privkey.pem'),
8
    cert: fs.readFileSync('/etc/letsencrypt/live/domain/cert.pem')
9
};
10
 
          
11
var app  = https.createServer(options, function (req, res) {
12
    file.serve(req, res);
13
}).listen(443);



Save that file as server.js and execute it.

Plain Text




xxxxxxxxxx
1


 
1
node server.js 



Wait until your certificate is synchronized and open your website. Now, your connection should be trusted:

Secure connection

Secure connection


Further Reading

Topics:
ssl certificate ,letsencrypt ,certificate authortiy ,nodejs ,website ,security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}