Applying for an SSL Certificate
- Apply for an SSL certificate, download the SSL certificate (.pem and.key files), and upload the certificate to the Linux server.
Nginx configures HTTPS
1. Configure the SSL module
- Go to the Nginx decompression package and configure the SSL module
./configure --with-http_ssl_module
Copy the code
- Then run the compile command
make
Copy the code
- Nginx is installed in /usr/local/by default.
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak
Copy the code
- Run the following command to overwrite the old nginx with the new one
cp objs/nginx /usr/local/nginx/sbin/nginx
Copy the code
2. Configuration File Configure HTTPS
- Configure HTTPS in the HTTP configuration item in the nginx.conf configuration file
Server {listen443; The HTTPS protocol default port is443Port server_name localhost; ssl on; root html; index index.html index.htm; ssl_certificate /ssl/ssl.pem; Pem file path ssl_certificate_key/SSL /ssl.key; Ssl_session_timeout 5M; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:! NULL:! aNULL:! MD5:! ADH:! RC4; ssl_protocols TLSv1 TLSv11. TLSv12.; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; # project page}}Copy the code
- Start nginx and access the project over HTTPS
nginx
Copy the code
Express configuration HTTPS
- Configure HTTPS in the startup file
const express = require('express')
const compression = require("compression") / / gzip package
const https = require('https')
const fs = require('fs')
const app = express()
app.use(compression()) // Enable gzip code compression
app.use(express.static('/')) // Manage static resources
app.get('/ *'.function(req, res) {
const html = fs.readFileSync('./index.html'.'utf-8') // Project home page
res.send(html)
})
// SSL certificate configuration
const options = {
key: fs.readFileSync('/ssl/ssl.key'), // SSL certificate -.key file path
cert: fs.readFileSync('/ssl/ssl.pem') // SSL certificate -.pem file path
}
https.createServer(options, app).listen(443.'0.0.0.0'); // 443 is the default HTTPS port
Copy the code