创建express的开发环境
~ D:\workspace\javascript>express -e nodejs-https~ D:\workspace\javascript>cd nodejs-https && npm installejs@0.8.5 node_modules\ejsexpress@3.2.6 node_modules\express├── methods@0.0.1├── fresh@0.1.0├── cookie-signature@1.0.1├── range-parser@0.0.4├── debug@0.7.4├── buffer-crc32@0.2.1├── cookie@0.1.0├── commander@0.6.1├── mkdirp@0.3.4├── send@0.1.0 (mime@1.2.6)└── connect@2.7.11 (pause@0.0.1, qs@0.6.5, bytes@0.2.0, cookie@0.0.5, formidable@1.0.14, send@0.1.1)
我本地已经安装了git客户端msysgit,其中包括了openssl程序。
~ D:\workspace\javascript\nodejs-https>git –versiongit version 1.8.1.msysgit.1~ D:\workspace\javascript\nodejs-https>openssl version -aOpenSSL 0.9.8e 23 Feb 2007built on: Sat Sep 15 20:34:58 EDT 2007platform: MSysoptions: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx)compiler: gcc -D_WINDLL -DOPENSSL_PIC -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -DTERMIOS -DL_ENDIAN -D__CYGWIN__ -fomit-frame-pointer -fnative-struct -O3 -mcpu=pentium -march=i486 -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASMOPENSSLDIR: "/usr/ssl"
openssl生成证书文件
#生成私钥key文件:~ D:\workspace\javascript\nodejs-https>openssl genrsa -out privatekey.pem 1024Generating RSA private key, 1024 bit long modulus………………………++++++……..++++++e is 65537 (0x10001)#通过私钥生成CSR证书签名~ D:\workspace\javascript\nodejs-https>openssl req -new -key privatekey.pem -out certrequest.csrYou are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter ‘.’, the field will be left blank.—–Country Name (2 letter code) [AU]:CNState or Province Name (full name) [Some-State]:BeijingLocality Name (eg, city) []:BeijingOrganization Name (eg, company) [Internet Widgits Pty Ltd]:fens.meOrganizational Unit Name (eg, section) []:fens.meCommon Name (eg, YOUR name) []:Conan ZhangEmail Address []:bsspirit@gmail.comPlease enter the following ‘extra’ attributesto be sent with your certificate requestA challenge password []:An optional company name []:# 通过私钥和证书签名生成证书文件~ D:\workspace\javascript\nodejs-https>openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pemSignature oksubject=/C=CN/ST=Beijing/L=Beijing/O=fens.me/OU=fens.me/CN=Conan Zhang/emailAddress=bsspirit@gmail.comGetting Private key
新生成了3个文件:certificate.pem, certrequest.csr, privatekey.pem
~ D:\workspace\javascript\nodejs-https>ls -ltotal 17-rwx—— 1 4294967295 mkpasswd 877 Dec 14 10:53 app.js-rwx—— 1 4294967295 mkpasswd 956 Dec 14 11:22 certificate.pem-rwx—— 1 4294967295 mkpasswd 704 Dec 14 11:21 certrequest.csrdrwx——+ 1 4294967295 mkpasswd 0 Dec 14 11:10 node_modules-rwx—— 1 4294967295 mkpasswd 216 Dec 14 11:03 package.json-rwx—— 1 4294967295 mkpasswd 887 Dec 14 11:20 privatekey.pemdrwx——+ 1 4294967295 mkpasswd 0 Dec 14 10:53 publicdrwx——+ 1 4294967295 mkpasswd 0 Dec 14 10:53 routesdrwx——+ 1 4294967295 mkpasswd 0 Dec 14 10:53 viewsprivatekey.pem: 私钥certrequest.csr: CSR证书签名certificate.pem: 证书文件
修改启动文件:app.js
~ vi app.js//最下面var https = require(‘https’),fs = require("fs");var options = {key: fs.readFileSync(‘./privatekey.pem’),cert: fs.readFileSync(‘./certificate.pem’)};https.createServer(options, app).listen(3011, function () {console.log(‘Https server listening on port ‘ + 3011);});
启动服务器:
~ D:\workspace\javascript\nodejs-https>node app.jsExpress server listening on port 3000Https server listening on port 3011
打开浏览器:HTTP访问
HTTPS访问
,如果雨后还是雨,如果忧伤过后还是忧伤,
