Added HTTPS w/ SNI example
This commit is contained in:
		
							parent
							
								
									4944799e27
								
							
						
					
					
						commit
						5275511071
					
				
							
								
								
									
										78
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										78
									
								
								README.md
									
									
									
									
									
								
							| @ -148,7 +148,7 @@ When you submit that to the likes of RapidSSL you'll get back an X.509 that you | ||||
| 
 | ||||
| You cannot use "bundled" certificates (`.pem`) with node.js. | ||||
| 
 | ||||
| ### the server | ||||
| ### A single HTTPS server | ||||
| 
 | ||||
| Here's a complete working example: | ||||
| 
 | ||||
| @ -183,3 +183,79 @@ server = https.createServer(sslOptions, app).listen(port, function(){ | ||||
|   console.log('Listening on https://' + server.address().address + ':' + server.address().port); | ||||
| }); | ||||
| ``` | ||||
| 
 | ||||
| ### Multiple HTTPS servers using SNI | ||||
| 
 | ||||
| I know this works - because I just bought two SSL certs from RapidSSL (through name.com), | ||||
| a Digital Ocean VPS, | ||||
| and played around for an hour until it did. | ||||
| 
 | ||||
| :-) | ||||
| 
 | ||||
| ```javascript | ||||
| 'use strict'; | ||||
| 
 | ||||
| var https = require('https') | ||||
|   , fs = require('fs') | ||||
|   , crypto = require('crypto') | ||||
|   , connect = require('connect') | ||||
|   , vhost = require('vhost') | ||||
|   , app = connect() | ||||
|   , secureContexts = {} | ||||
|   , sslOptions | ||||
|   , server | ||||
|   , port = 4080 | ||||
|   ; | ||||
| 
 | ||||
| require('ssl-root-cas/latest') | ||||
|   .inject() | ||||
|   .addFile(__dirname + '/ssl/Geotrust Cross Root CA.txt') | ||||
|   .addFile(__dirname + '/ssl/Rapid SSL CA.txt') | ||||
|   ; | ||||
| 
 | ||||
| function getAppContext(domain) { | ||||
|   // Really you'd want to do this: | ||||
|   // return require(__dirname + '/' + domain + '/app.js'); | ||||
| 
 | ||||
|   // But for this demo we'll do this: | ||||
|   return connect().use('/', function (req, res) { | ||||
|     res.end('<html><body><h1>Welcome to ' + domain + '!</h1></body></html>'); | ||||
|   }); | ||||
| } | ||||
| 
 | ||||
| function getSecureContext(domain) { | ||||
|   return crypto.createCredentials({ | ||||
|     key:  fs.readFileSync(__dirname + '/' + domain + '/ssl/server.key') | ||||
|   , cert: fs.readFileSync(__dirname + '/' + domain + '/ssl/server.crt') | ||||
|   }).context; | ||||
| } | ||||
| 
 | ||||
| [ 'aj.the.dj' | ||||
| , 'ballprovo.com' | ||||
| ].forEach(function (domain) { | ||||
|   secureContexts[domain] = getSecureContext(domain); | ||||
|   app.use(vhost('*.' + domain, getAppContext(domain))); | ||||
|   app.use(vhost(domain, getAppContext(domain))); | ||||
| }); | ||||
| 
 | ||||
| // fallback / default domain | ||||
| app.use('/', function (req, res) { | ||||
|   res.end('<html><body><h1>Hello World</h1></body></html>'); | ||||
| }); | ||||
| 
 | ||||
| //provide a SNICallback when you create the options for the https server | ||||
| sslOptions = { | ||||
|   //SNICallback is passed the domain name, see NodeJS docs on TLS | ||||
|   SNICallback: function (domain) { | ||||
|     console.log(domain); | ||||
|     return secureContexts[domain]; | ||||
|   } | ||||
|   // fallback / default domain | ||||
|   , key:  fs.readFileSync(__dirname + '/aj.the.dj/ssl/server.key') | ||||
|   , cert: fs.readFileSync(__dirname + '/aj.the.dj/ssl/server.crt') | ||||
| }; | ||||
| 
 | ||||
| server = https.createServer(sslOptions, app).listen(port, function(){ | ||||
|   console.log("Listening on " + server.address().port); | ||||
| }); | ||||
| ``` | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user