한국어

Coding

온누리070 플레이스토어 다운로드
    acrobits softphone
     온누리 070 카카오 프러스 친구추가온누리 070 카카오 프러스 친구추가친추
     카카오톡 채팅 상담 카카오톡 채팅 상담카톡
    
     라인상담
     라인으로 공유

     페북공유

   ◎위챗 : speedseoul


  
     PAYPAL
     
     PRICE
     

pixel.gif

    before pay call 0088 from app


https://aghassi.github.io/ssl-using-express-4/


There is a lot that goes into being secure with user data now-a-days. I’ve been playing around with getting a node server setup on a project I am working on because it required Google Places. Google Places recommends that you have a server with a special key (which they provide) hit their servers on behalf of your users. So your servers are hit by your users, and then you ask Google for the data that is needed via your server. Because of this, I was looking into what I would need to have a working server to do what I want. I had never done any server programming before, but I know Javascript so I figured Node.js was a good choice. I had looked at Express for past projects, but never used it do to the restrictions of said projects. The reason I chose Express is because it is built on top of Node.js, but is really good for routing and endpoints (from what I took away when I read up on it).

For my testing purposes, everything I did was set up on my local computer, so I was using localhost as my web address. Because this was just a test for something I will deploy in the future, I didn’t want to test on production machines. My plan is to use DigitalOceanwhen the time comes. So let’s get started.


Getting a Basic Server Set Up

Let’s start with the basics. We will need an Express server that runs on Node. To do this, we will need to get the installer for Node.js. You can use any package manager you want for this, but I’m going to be lazy and say just run the installer. Just head over to Node.js’ website and download the version for your current computer. FAIR WARNING: I’m using OS X, and so Windows users you may have to do something different (Linux users should be fine).

Once you have installed Node, we want to make our first basic server. Here is what we are going to do:

  1. Create a folder to house our server files, doesn’t matter where it is. I keep all my projects in my ~/git directory.
  2. run npm init in the directory and follow the prompts.
  3. run npm install express to install Express.
  4. Create a new file. Let’s call it server.js. Open the file in your favorite text editor. I like Sublime.

Once we have our file, we have to declare our imports. We are going to need expresshttphttps, and fsexpress is what allows us to run the Express server and use any API that Express provides us. https tells our server that we accept secure connections, and what ports to listen in on (as well as options to reference keys and certs). And finally, fs is for file system access, since we will need to point our server to where the keys are.

Here is what our imports look like:

var express = require('express');
var http = require('http');
var https = require('https');
var fs = require('fs');

For starters, we just want a basic server. So to do so we are going to create a very basic http server that has no encryption so we can just test that our ports work. That is very easy to do in Express, it looks like this:

var server = express();
http.createServer(server).listen(8000);

Once you have that, hop into your terminal, I like iTerm, and start your server using node server.js (make sure you are in the proper directory so server.js is seen). It should look like this: node_server.png

You can now navigate in your browser to http://localhost:8000. You will most likely get a blank page if you succeed because we haven’t told the server what to serve you once you get there. Let’s go tweak that. Add under your server code the following:

server.get('/', function (req, res) {
    res.send("Hello World!");
});

What the above function is telling the server is that when a GET request at /, it should send a response that says "Hello World!"req is the request object being sent, and res is the response object that we are getting ready to send back to the user.

Cool, you can save that, kill your server (that is Ctrl + C), and start it up again. Navigate to the same web address, and you should now see Hello World! displayed.


Creating your SSL Certificates

Awesome! You now have a running server. But! We want to keep our user data safe, so we need to take measures to make sure that we are providing a secure connection for users. So we are going to make an SSL key and certificate so we can verify secure connection with the browser. As a preface, I found the code on how to do this from StackOverflow. You can see the link here.

SSL generation is pretty straight forward, except when you do it wrong (like I did… many times). Thankfully, the post linked above shows how to do it in one line. In your terminal, in the directory we were working in before, type the following (please bear in mind XXX is number of days you want this certificate to be valid for):

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days XXX

Something to note is that this is considered a self signed certificate. This means that no authority has validated it, and your browser will warn you about it when you access your page. This is fine for local testing, but for a production environment you should always have a legitimate certificate from a good provider.

We can break this code down just so we have an idea of what we are doing (fair warning, I ripped this from the StackOverflow link above):

  • req - utility used to request the certificate.
  • -x509 - tells the computer we want a self signed certificate and not to actually request one from a certificate authority.
  • -newkey - takes a paramater rsa:n-bits. It will generate a new key and certificate with RSA encryption of n-bits that are passed in. Here we are passing in the request for RSA of 2048 bits.
  • -keyout key.pem - puts out a key file that is the same name as the argument being passed to -keyout. In this case, we are generating a key file named key.pem.
  • -out cert.pem - puts out a file (in this case a certificate) with the name being passed to -out. Here we are certificate cert.pem.
  • -days XXX - how many days the certificate should be for. Defaults to 30 days.

Run this in your terminal, and you will be asked some questions reguarding your certificate during creation. Answer ALL of them. Make sure that when asked for the following:

Common Name (e.g. server FQDN or YOUR name) []:

You specifcy localhost. If you were rolling out to a production server, this would be the name of your server address. If you specifcy a passphrase, you will want to remember what it was so you can reference it later. When you are done, you can verify that you have your key and cert generated by typing ls in your terminal.


Enabling HTTPS on Express

Jumping back to our server.js, we are going to add a couple of lines to let the server know how to handle a secure request. First thing we want to do is create a JSON object that we pass with the key and cert in it.

var sslOptions = {
  key: fs.readFileSync('key.pem'),
  cert: fs.readFileSync('cert.pem')
};

If you had a passphrase, you will want to add passphrase: 'yourPassPhrase' to this object after the cert line. The only downside to this is that we want to read the file system synchronously, hense readFileSync() as our function. This could mean hold ups if this takes a long time, but in most cases you should be fine. Once you have that, we are going to reference the https object we created earlier. Under the http.createServer we are going to to use the same command.

https.createServer(sslOptions, server).listen(8443)

Here we are telling the server that if it is asked for an https connection on port 8443, it should use the ssl options we provided it and then respond as normal. So now if you save your file, you can restart your server in the terminal, and go to https://localhost:8443 in your browser and see your “Hello World!” web page. You will most likely be warned about how your certificate is not properly signed, just hit ok and proceed to the web page.

06/06/2016 - Revised with typo correction courtesy of Robert.

Written on October 8, 2015
번호
제목
글쓴이
63 [SSL]HTTPS통신을 위한 SSL인증서 발급하기(OpenSSL) 원리까지 충실하게 설명잘됨
admin
10082   2020-02-13
 
62 인증 기관에서 발급한 SSL 인증서 설치 및 사용설명
admin
5321   2020-02-13
 
61 iOS NSURLSession Example (HTTP GET, POST, Background Downlads )
admin
7465   2019-06-04
 
60 iOS Tutorial - Part 26 - HttpRequest POST, GET (NSURLConnection)1
admin
6178   2019-05-20
 
59 Simple http post example in Objective-C?
admin
5696   2019-05-20
 
58 리눅스 CentOS 6.5 SSL 구축 방법
admin
7716   2018-06-01
 
57 무료 SSL 인증서 SSL For Free
admin
7763   2018-05-26
 
56 도메인클럽 m 또는 www등의 서브도메인(a레코드) 추가는 어디서 할 수 있나요?
admin
6999   2018-05-25
 
55 Certificate Installation : Node.js in Linux
admin
6296   2018-05-25
 
54 online-csr-and-key-generator CSR 온라인 제너레이터 생성 만들기 Private key
admin
6429   2018-05-25
 
53 COMODO SSL www.gogetssl.com namecheap.com SSL 인증서 구매 서버에 적용 순서
admin
9426   2018-05-25
 
52 인증서 취소 How to cancel an SSL certificate? www.namecheap.com
admin
8199   2018-05-25
 
51 Android SSL 프로그램 공인인증서 사설 인증서 ROOTCA Self-signed 인증서 에러 원인
admin
7025   2018-05-25
 
50 Retrofit is one of the most popular HTTP Client Library for Android 간결하고 요점정리
admin
7133   2018-05-23
 
49 SSL 프로그래밍 참고
admin
6375   2018-05-23
 
48 HTTPS 및 SSL을 사용한 보안 구글 문서
admin
9969   2018-05-23
 
47 Consuming APIs with Retrofit
admin
8420   2018-05-22
 
46 COMODO SSL Analyzer ip 도메인 모두 가능합니다
admin
6502   2018-05-22
 
45 OpenSSL 로 ROOT CA 생성 및 SSL 인증서 발급 순서 Self Signed Certificate
admin
7320   2018-05-22
 
44 Android에 루트 CA 설치
admin
8410   2018-05-22
 
43 How to update OpenSSL on Debian testing
admin
6960   2018-05-22
 
42 신뢰되지 않는 인증서를 사용하여 SSL 구성
admin
11434   2018-05-22
 
41 OpenSSL tips and common commands
admin
7155   2018-05-22
 
40 How to get FREE SSL Certificate for Website (HTTPS) 인증서 무료로 받기
admin
6261   2018-05-22
 
39 retropit
admin
6426   2018-05-20
 
38 SSL test code
admin
6914   2018-05-20
 
37 HttpsURLConnection в ASyncTask https
admin
6513   2018-05-19
 
36 protected String doInBackground(String... strings) {
admin
6393   2018-05-19
 
35 Using Google Spread sheet as DataBase Part -2
admin
6897   2018-05-19
 
34 Android: HTTPS (SSL) connection using HttpsURLConnection
admin
7109   2018-05-19
 
33 HttpsUrlConnection, you can refer to my following sample code good
admin
6437   2018-05-19
 
32 how to use HttpsUrlConnection instead of DefaultHttpClient
admin
6368   2018-05-19
 
31 Https simple get request
admin
6471   2018-05-19
 
30 Base64 encoded value of [API-key]:[API-Secret] appending the "Basic " string in start.
admin
7760   2018-05-19
 
29 Class: https.Server
admin
6933   2018-05-19
 
28 HTTP2 server push in depth with node.js
admin
7246   2018-05-19
 
27 HSTS forces the client (browser accessing your server) to direct all traffic through HTTPS
admin
6543   2018-05-19
 
26 https ssl node js real code
admin
6715   2018-05-19
 
25 https 및 openssl 키값 decoding 확인 ssl tls
admin
6623   2018-05-19
 
24 TLS/SSL Concepts nodejs how to
admin
7121   2018-05-19
 
23 HTTPS Authorized Certs with Node.js
admin
7304   2018-05-19
 
22 How to Use SSL/TLS with Node.js Related Topics
admin
7245   2018-05-19
 
21 openssl website
admin
6282   2018-05-19
 
20 node js HTTPS server and client
admin
7261   2018-05-19
 
19 RESTful API with NodeJS/Express mysql
admin
6788   2018-05-19
 
18 Build a Rest API for Node & Mysql 2018 JWT
admin
7074   2018-05-19
 
Using SSL with Express 4 and Node.js
admin
6972   2018-05-19
https://aghassi.github.io/ssl-using-express-4/ There is a lot that goes into being secure with user data now-a-days. I’ve been playing around with getting a node server setup on a project I am working on bec...  
16 https node js rest api express
admin
6298   2018-05-19
 
15 9 FREE Useful Online SSL/TLS Certificate Tools
admin
7976   2018-05-19
 
14 Do you know where your app’s secrets are?
admin
7092   2018-05-19
 
13 node js rest with express
admin
7152   2018-05-19
 
12 simple HTTPS JSON REST server using node.js
admin
6336   2018-05-19
 
11 5 Ways to Make HTTP Requests in Node.js
admin
23246   2018-05-19
 
10 express() detail easy doc
admin
19247   2018-05-19
 
9 express https simple example
admin
6189   2018-05-19
 
8 Online CSR and Key Generator
admin
6312   2018-05-19
 
7 SSL Converter checker
admin
7088   2018-05-19
 
6 here is a complete working example. rest api https
admin
6235   2018-05-19
 
5 node-rest-client
admin
6994   2018-05-19
 
4 Rules for REST API URI Design
admin
7380   2018-05-19
 
3 RESTful API Authentication Basics
admin
7704   2018-05-19
 
2 Benefits For REST APIs with HTTP/2 HTTP/1.x vs HTTP/2
admin
60994   2018-05-19
 
1 HTTPS, Redis, FCM, EC2 Setup 키생성 인증서 요청서 openssl 이용 상세한설명
admin
5865   2018-05-19