Node的https模块
- HTTPS服务器使用HTTPS协议
- 需要证书授权
- SSL安全加密后传输
- 使用443端口
创建HTTPS服务器
- 安装OpenSSL:http://slproweb.com/products/Win32OpenSSL.html
生成证书
管理员权限打开cmd
Microsoft Windows [版本 10.0.16299.125]
(c) 2017 Microsoft Corporation。保留所有权利。
C:\WINDOWS\system32>openssl genrsa -out privatekey.pem 1024
Generating RSA private key, 1024 bit long modulus
............++++++
.................................++++++
e is 65537 (0x10001)
C:\WINDOWS\system32>openssl req -new -key privatekey.pem -out certrequest.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:JS
Locality Name (eg, city) []:MJ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SV
Organizational Unit Name (eg, section) []:SW
Common Name (e.g. server FQDN or YOUR name) []:localhost
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:qweasdzxc
An optional company name []:ganmu
C:\WINDOWS\system32>openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem
Signature ok
subject=/C=AU/ST=JS/L=MJ/O=SV/OU=SW/CN=localhost
Getting Private key
C:\WINDOWS\system32>openssl pkcs12 -export -in certificate.pem -inkey privatekey.pem -out certificate.pfx
Enter Export Password:
Verifying - Enter Export Password:
C:\WINDOWS\system32>- https模块
var https = require('https');
var fs = require('fs');
var pk = fs.readFileSync("./certs/privatekey.pem");
var pc = fs.readFileSync("./certs/certificate.pem");
var opts = {
key:pk,
cert:pc
};
var server = https.createServer(opts, function(req, res) {
console.log(req.url);
if(req.url !== './favicon.ico') {
res.setHeader("contentType","text/plain");
res.write("hello");
res.end();
}
});
server.listen(443, "localhost", function() {
console.log('https server is listening on 443');
});浏览器会拦截访问,提示该访问为不安全链接,因为证书无效。
HTTPS客户端
var https = require('https');
var opts = {
hostname:"npmjs.org",
port:443,
path:"/",
method:"GET",
agent:false
};
opts.agent = new https.Agent(opts);
var req = https.request(opts, function(res) {
console.log(res.statusCode);
console.log(JSON.stringify(res.headers));
res.setEncoding('utf8');
res.on('data', function(chunk) {
console.log(chunk);
});
});
req.on("error", function(err) {
console.log(err);
})
req.on("socket", function(socket) {
socket.setTimeout(10*1000);
socket.on("timeout", function() {
req.abort();
});
})
req.end();运行
F:\后台开发\node-server-test>node client.js
301
{
"server":"nginx/1.12.2",
"date":"Thu, 26 Apr 2018 16:36:16 GMT",
"content-type":"text/html",
"content-length":"185",
"connection":"close",
"location":"https://www.npmjs.com/"
}
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>