nodejs 创建https服务器
浏览数:32 /
时间:2015年06月09日
创建express的开发环境
~ D:\workspace\javascript>express -e nodejs-https
~ D:\workspace\javascript>cd nodejs-https && npm install
[email protected] node_modules\ejs
[email protected] node_modules\express
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected] ([email protected])
└── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
我本地已经安装了git客户端msysgit,其中包括了openssl程序。
~ D:\workspace\javascript\nodejs-https>git --version
git version 1.8.1.msysgit.1
~ D:\workspace\javascript\nodejs-https>openssl version -a
OpenSSL 0.9.8e 23 Feb 2007
built on: Sat Sep 15 20:34:58 EDT 2007
platform: MSys
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx)
compiler: gcc -D_WINDLL -DOPENSSL_PIC -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -DTERMIOS -DL_ENDIAN -D__CYGWIN__ -f
omit-frame-pointer -fnative-struct -O3 -mcpu=pentium -march=i486 -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -
DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM
OPENSSLDIR: "/usr/ssl"
openssl生成证书文件
#生成私钥key文件:
~ D:\workspace\javascript\nodejs-https>openssl genrsa -out privatekey.pem 1024
Generating RSA private key, 1024 bit long modulus
...........................++++++
........++++++
e is 65537 (0x10001)
#通过私钥生成CSR证书签名
~ D:\workspace\javascript\nodejs-https>openssl req -new -key privatekey.pem -out certrequest.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.‘, the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:Beijing
Locality Name (eg, city) []:Beijing
Organization Name (eg, company) [Internet Widgits Pty Ltd]:fens.me
Organizational Unit Name (eg, section) []:fens.me
Common Name (eg, YOUR name) []:Conan Zhang
Email Address []:[email protected]
Please enter the following ‘extra‘ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
# 通过私钥和证书签名生成证书文件
~ D:\workspace\javascript\nodejs-https>openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem
Signature ok
subject=/C=CN/ST=Beijing/L=Beijing/O=fens.me/OU=fens.me/CN=Conan Zhang/emailAddress=[email protected]
Getting Private key
新生成了3个文件:certificate.pem, certrequest.csr, privatekey.pem
~ D:\workspace\javascript\nodejs-https>ls -l
total 17
-rwx------ 1 4294967295 mkpasswd 877 Dec 14 10:53 app.js
-rwx------ 1 4294967295 mkpasswd 956 Dec 14 11:22 certificate.pem
-rwx------ 1 4294967295 mkpasswd 704 Dec 14 11:21 certrequest.csr
drwx------+ 1 4294967295 mkpasswd 0 Dec 14 11:10 node_modules
-rwx------ 1 4294967295 mkpasswd 216 Dec 14 11:03 package.json
-rwx------ 1 4294967295 mkpasswd 887 Dec 14 11:20 privatekey.pem
drwx------+ 1 4294967295 mkpasswd 0 Dec 14 10:53 public
drwx------+ 1 4294967295 mkpasswd 0 Dec 14 10:53 routes
drwx------+ 1 4294967295 mkpasswd 0 Dec 14 10:53 views
- privatekey.pem: 私钥
- certrequest.csr: CSR证书签名
- certificate.pem: 证书文件
修改启动文件:app.js
~ vi app.js
//最下面
var https = require(‘https‘)
,fs = require("fs");
var options = {
key: fs.readFileSync(‘./privatekey.pem‘),
cert: fs.readFileSync(‘./certificate.pem‘)
};
https.createServer(options, app).listen(3011, function () {
console.log(‘Https server listening on port ‘ + 3011);
});
启动服务器:
~ D:\workspace\javascript\nodejs-https>node app.js
Express server listening on port 3000
Https server listening on port 3011
打开浏览器:HTTP访问
HTTPS访问
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
