绝大部分demo和姿势都可以在nodejs官网查看到。可以多多查阅
自签名的证书生成(不推荐2333)
openssl genrsa -out server.key 2048//这是秘钥
openssl req -new -sha256 -key server.key -out csr.pem//这好像是签名请求?没在意
openssl x509 -req -in csr.pem -signkey server.key -out cert.pem//这是证书
以下代码来自官网demo改编
https 服务器端 servers
// curl -k https://localhost:8000/
const https = require('https');
const fs = require('fs');
const options = {
key: fs.readFileSync('./ssl/server.pem'),//这是我在ssl目录下生成的server.key改名为server.pem
cert: fs.readFileSync('./ssl/cert.pem'),
requestCert:true, //请求客户端证书
rejectUnauthorized:false //如果没有请求到客户端来自信任CA颁发的证书,拒绝客户端的连接
};
https.createServer(options, (req, res) => {
res.writeHead(200);
console.log(req);
console.log(typeof req);
console.log(req.method);
res.end('hello world\n');
}).listen(9000);
console.log("server https is running 9000");//接下来是https post请求demo 以验证证书,其实可以此时可以用浏览器访问你的端口,注意看浏览器栏,左边一般有个红色三角感叹号,那就是说有个证书,但是证书不规范233
//以下程序也来自官方demo改编
const https = require('https');
const fs = require('fs');
const querystring = require("querystring");
const postData = querystring.stringify({
'msg': 'Hello World!'
});
const options = {
hostname: '127.0.0.1',
port: 9000,
path: '/',
method: 'POST',
requestCert:true, //请求客户端证书
rejectUnauthorized: false, //不拒绝不受信任的证书
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': Buffer.byteLength(postData)
}
};
const req = https.request(options, (res) => {
console.log(`STATUS: ${res.statusCode}`);
console.log(`HEADERS: ${JSON.stringify(res.headers)}`);
res.setEncoding('utf8');
res.on('data', (chunk) => {
console.log(`BODY: ${chunk}`);
});
res.on('end', () => {
console.log('No more data in response.');
});
});
req.on('error', (e) => {
console.error(`problem with request: ${e.message}`);
});
// write data to request body
req.write(postData);
req.end();