Re: [nodejs] https, GoDaddy SSL cert, node.js under Microsoft Azure
1,142 views
Skip to first unread message
Ben Noordhuis
Aug 2, 2012, 11:33:17 AM8/2/12
to nod...@googlegroups.com
On Thu, Aug 2, 2012 at 5:27 PM, thstart <brag...@bragbuddy.com> wrote:
> Install GoDaddy SSL certificate with Node.js
>
> I want to use https for my web app which is running on Microsoft
> Azure.
>
> I used IIS to generate certificate for GoDaddy then downloaded two files:
> <domain name>.crt
> gd_iis_intermediates.p7b
> Then I followed procedures described in GoDaddy to export and password
> protect my <domain name>.pfx certificate. Uploaded to MS Azure now my site
> is serving https only.
>
> Now I need to use https.createServer(options, [requestListener]) as
> described in:
> http://nodejs.org/api/https.html
>
> // curl -k https://localhost:8000/
> var https = require('https');
> var fs = require('fs');
>
> var options = {
> key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
> cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
> };
>
> https.createServer(options, function (req, res) {
> res.writeHead(200);
> res.end("hello world\n");
> }).listen(8000);
>
>
>
> There is not a key when I am using IIS so I have to extract
> it from the .pfx and remove the password or to use the .pfx
> directly (which needs a password). How is the right way to
> handle this?
>
>
> var https = require('https');
> var fs = require('fs');
>
> var options = {
> pfx: fs.readFileSync('server.pfx')
> };
>
> https.createServer(options, function (req, res) {
> res.writeHead(200);
> res.end("hello world\n");
> }).listen(8000);
You probably need to pass in a pass phrase. Have a look at the test case:
https://github.com/joyent/node/blob/50e00de/test/simple/test-https-pfx.js
> Install GoDaddy SSL certificate with Node.js
>
> I want to use https for my web app which is running on Microsoft
> Azure.
>
> I used IIS to generate certificate for GoDaddy then downloaded two files:
> <domain name>.crt
> gd_iis_intermediates.p7b
> Then I followed procedures described in GoDaddy to export and password
> protect my <domain name>.pfx certificate. Uploaded to MS Azure now my site
> is serving https only.
>
> Now I need to use https.createServer(options, [requestListener]) as
> described in:
> http://nodejs.org/api/https.html
>
> // curl -k https://localhost:8000/
> var https = require('https');
> var fs = require('fs');
>
> var options = {
> key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
> cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
> };
>
> https.createServer(options, function (req, res) {
> res.writeHead(200);
> res.end("hello world\n");
> }).listen(8000);
>
>
>
> There is not a key when I am using IIS so I have to extract
> it from the .pfx and remove the password or to use the .pfx
> directly (which needs a password). How is the right way to
> handle this?
>
>
> var https = require('https');
> var fs = require('fs');
>
> var options = {
> pfx: fs.readFileSync('server.pfx')
> };
>
> https.createServer(options, function (req, res) {
> res.writeHead(200);
> res.end("hello world\n");
> }).listen(8000);
You probably need to pass in a pass phrase. Have a look at the test case:
https://github.com/joyent/node/blob/50e00de/test/simple/test-https-pfx.js
thstart
Aug 2, 2012, 2:39:05 PM8/2/12
to nod...@googlegroups.com
Thank you. Will look at it. Don't feel very comfortable using
it with a password that way.
Tomasz Janczuk
Aug 6, 2012, 1:47:15 PM8/6/12
to nodejs
If you are hosting an HTTPS node.js site in IIS using iisnode, instead
of setting up an HTTPS server in your application, set up an HTTP one.
This is because iisnode acts as an HTTP reverse proxy that terminates
HTTPS traffic. Communication between iisnode and node.exe uses
unsecure HTTP over named pipes.
Thanks,
Tomasz Janczuk
On Aug 2, 8:27 am, thstart <bragbu...@bragbuddy.com> wrote:
> Install GoDaddy SSL certificate with Node.js
>
> I want to use https for my web app which is running on Microsoft
> Azure.
>
> I used IIS to generate certificate for GoDaddy then downloaded two files:
> <domain name>.crt
> gd_iis_intermediates.p7b
> Then I followed procedures described in GoDaddy to export and password
> protect my <domain name>.pfx certificate. Uploaded to MS Azure now my site
> is serving https only.
>
> Now I need to use https.createServer(options, [requestListener]) as
> described in:http://nodejs.org/api/https.html
>
> // curl -khttps://localhost:8000/varhttps = require('https');var fs = require('fs');
of setting up an HTTPS server in your application, set up an HTTP one.
This is because iisnode acts as an HTTP reverse proxy that terminates
HTTPS traffic. Communication between iisnode and node.exe uses
unsecure HTTP over named pipes.
Thanks,
Tomasz Janczuk
On Aug 2, 8:27 am, thstart <bragbu...@bragbuddy.com> wrote:
> Install GoDaddy SSL certificate with Node.js
>
> I want to use https for my web app which is running on Microsoft
> Azure.
>
> I used IIS to generate certificate for GoDaddy then downloaded two files:
> <domain name>.crt
> gd_iis_intermediates.p7b
> Then I followed procedures described in GoDaddy to export and password
> protect my <domain name>.pfx certificate. Uploaded to MS Azure now my site
> is serving https only.
>
> Now I need to use https.createServer(options, [requestListener]) as
> described in:http://nodejs.org/api/https.html
>
thstart
Aug 12, 2012, 6:00:09 PM8/12/12
to nod...@googlegroups.com
you mean I cannot use HTTPS using node.js with Azure?
Peter Rust
May 17, 2013, 9:44:47 AM5/17/13
to nod...@googlegroups.com
Sushil,
Glad you got it working, but it might be worth double-checking what Tomasz Janczuk says above (it looks like he's on the Windows Azure team). My impression is that configuring your custom node app for SSL shouldn't be necessary because Azure (via IISNode) can communicate via SSL between the end-user and the entry-point to your application while using HTTP inside Azure's firewall (between IISNode and your custom node app). I'm not sure if there is a performance difference either way...
Reply all
Reply to author
Forward
0 new messages