Is there any way I can change my web app to listen on HTTPS instead of HTTP. I'm using node.js/express.
I need it to listen on HTTPS because I'm using geolocation, which Chrome no longer supports unless being served from a secure context such as HTTPS.
This is the current './bin/www' file which currently listens on HTTP.
#!/usr/bin/env node
var app = require('../app');
var debug = require('debug')('myapp:server');
var http = require('http');
var port = normalizePort(process.env.PORT || '9494');
app.set('port', port);
var server = http.createServer(app)
server.listen(port);
server.on('error', onError);
server.on('listening', onListening);
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
function onError(error) {
if (error.syscall !== 'listen') {
throw error;
}
var bind = typeof port === 'string'
? 'Pipe ' + port
: 'Port ' + port;
// handle specific listen errors with friendly messages
switch (error.code) {
case 'EACCES':
console.error(bind + ' requires elevated privileges');
process.exit(1);
break;
case 'EADDRINUSE':
console.error(bind + ' is already in use');
process.exit(1);
break;
default:
throw error;
}
}
function onListening() {
var addr = server.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
debug('Listening on ' + bind);
}
Yes, there is a way. First off, generate a self-signed certificate:
openssl req -nodes -new -x509 -keyout server.key -out server.cert
Then, serve over HTTPS thanks to Node's HTTPS lib:
// imports
const express = require('express');
var fs = require('fs');
const http = require('http');
const https = require('https');
const app = require('./path/to/your/express/app');
// HTTPS server
const httpsServer = https.createServer({
key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.cert')
}, app);
httpsServer.listen(443, () => console.log(`HTTPS server listening: https://localhost`));
Finally, use a minimal HTTP server to listen requests to the same domain and redirects them:
// redirect HTTP server
const httpApp = express();
httpApp.all('*', (req, res) => res.redirect(300, 'https://localhost'));
const httpServer = http.createServer(httpApp);
httpServer.listen(80, () => console.log(`HTTP server listening: http://localhost`));
This is, of course, the minimal setup. For production, you'll use different certificates, and replace localhost
by a dynamic domain name that you'll generate from req
, and you might not want to use the ports 80 and 443, etc.
Related reads: