npm http-server with SSL

前端未结

关注

 4  1844

I\'m using the npm package \"http-server\" (https://www.npmjs.com/package/http-server) to set up a simple webserver, but I cannot get it to use SSL. My command in package.json i

相关标签:

4条回答

春和景丽

2021-01-29 20:27
First, make sure that you have key.pem and cert.pem files. You can generate them using this command:
```
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
```
You will be prompted with a few questions after entering the command. Use 127.0.0.1 as value for "Common name" if you want to be able to install the certificate in your OS's root certificate store or browser so that it is trusted.

This generates a cert-key pair and it will be valid for roughly 10 years (3650 days to be exact).

Then you need to run the server with -S for enabling SSL and -C for your certificate file:
```
$ http-server -S -C cert.pem -o
Starting up http-server, serving ./ through https
Available on:
  https:127.0.0.1:8080
  https:192.168.1.101:8080
  https:192.168.1.104:8080
Hit CTRL-C to stop the server
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
你的背包

2021-01-29 20:32

Just for future reference, my problem was solved by updating the package to the latest version in package.json. I copy-pasted an old example file without updating the version numbers.

0 讨论(0)
发布评论:

提交评论
- 加载中...
时光取名叫无心

2021-01-29 20:34
I installed mkcert:
```
brew install mkcert
brew install nss # if you use Firefox
```
```
mkcert -install
```
Then, in your project directory:
```
mkcert 0.0.0.0 localhost 127.0.0.1 ::1
```
Finally, I renamed generated files:
- 0.0.0.0+3-key.pem -> key.pem
- 0.0.0.0+3.pem -> cert.pem
And ran the following command:
```
http-server -S -C cert.pem -o
```
Then I got:

I referenced this blog: https://qiita.com/walkers/items/b90a97a99bbb27f6550f (written in Japanese)
0 讨论(0)
发布评论:

提交评论
- 加载中...

半阙折子戏

2021-01-29 20:43

Firefox didn't accept self-signed certs, so a bit more effort was required. First create a CA:

openssl req -batch -new -newkey ec:(openssl ecparam -name prime256v1|psub) -nodes -keyout ca-key.pem -x509 -out ca.pem -days 3650 -subj "/CN=A localhost CA"

Add ca.pem (A localhost CA) to trusted certs of your OS and/or Firefox (other browsers use system CAs). Keep the ca* files in a secure location for future use, so you never have to do this again.

Then, for any site that you are running, and whenever you wish to change settings, create cert.pem and key.pem with:

openssl req -batch -new -newkey ec:(openssl ecparam -name prime256v1|psub) -nodes -keyout key.pem -subj /CN=localhost | openssl x509 -req -CAkey ca-key.pem -CA ca.pem -CAcreateserial -out cert.pem -days 365 -extfile (echo subjectAltName=DNS:localhost|psub)

The above should work on most systems. If not, you might want to create temporary files ecparam.tmp and ext.tmp. Commands functionally equivalent to the two oneliners:

# Output Elliptic Curve parameters to a temporary file
openssl ecparam -name prime256v1 -out ecparam.tmp

# Create CA
openssl req -batch -new -newkey ec:ecparam.tmp -nodes -keyout ca-key.pem \
  -x509 -out ca.pem -days 3650 -subj "/CN=A localhost CA"

# Create a CSR for localhost, then sign it by CA
echo subjectAltName=DNS:localhost > ext.tmp
openssl req -batch -new -newkey ec:ecparam.tmp -nodes -keyout key.pem \
  -subj /CN=localhost | openssl x509 -req -CAkey ca-key.pem -CA ca.pem \
  -CAcreateserial -out cert.pem -days 365 -extfile ext.tmp

0 讨论(0)