我的环境

  1. 亚马逊(AWS)的一个ubuntu虚拟机.
  2. node
  3. openssl

生成证书

输入如下命令会在你的当前文件夹生成localhost.key和localhost.cert.

openssl genrsa -out localhost.key 2048
openssl req -new -x509 -key localhost.key -out localhost.cert -days 3650 -subj /CN=localhost

其中localhost为域名. 想要换成别的域名就直接把上面的所有localhost替换成你的域名.

以我为例, 我的虚拟机的域名是xxx.compute.amazonaws.com, 就以这个域名替换上面所有的localhost, 会生成, ec2-34-220-96-9.us-west-2.compute.amazonaws.com.key ec2-34-220-96-9.us-west-2.compute.amazonaws.com.cert两个文件.

更新

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

如果不想用密码保护私钥, 加上-nodes.

加上-subj '/CN=localhost'可以设置certificate的内容. 将其中的localhost替换成你的域名.

参考:How to create a self-signed certificate with openssl?

代码

想要运行如下代码, 需要先安装包

npm init
npm i -S https express

创建文件index.js, 内容如下.

#!/usr/bin/env node

var https = require('https');
var fs = require('fs');
var express = require('express');

var host = 'xxx.compute.amazonaws.com'; // Input you domain name here.
var options = {
  key: fs.readFileSync( './' + host + '.key' ),
  cert: fs.readFileSync( './' + host + '.cert' ),
  requestCert: false,
  rejectUnauthorized: false
};

var httpApp = express();
var app = express();
app.get('/', function (req, res) {
 res.send('hi HTTPS');
});
httpApp.get('/', function (req, res) {
 res.send('hi HTTP');
});
httpApp.listen(80, function () {
 console.log('http on 80');
});
var server = https.createServer( options, app );

server.listen( 443, function () {
  console.log( 'https on 443' );
} );

启动服务器

sudo node index.js

访问

浏览器中输入http://xxx.compute.amazonaws.com/就会以80端口访问HTTP服务器. 显示hi HTTP.

输入https://xxx.compute.amazonaws.com/就会以443端口访问HTTPS服务器, 显示hi HTTPS.

参考

Self-Signed, Trusted Certificates for Node.js & Express.js

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持脚本之家。

02-09 10:39