HTTPS Server in Node.js

Question

I was wondering how can I create a https server in node listening on Port 443 in a way that when I type :

https://my.ip.address:443 it should work.
https://my.ip.address it should work.
my.ip.address (without the https://) it should work and redirect me to https)
my.ip.address:443 it should work and redirect me to https

So far I was only able to make the first and second url work.

So my question is how can I make it also work for the other two possibilities (the final two). Thanks

Rule of thumb, never expose node to the world. Use a reverse proxy like nginx. You could do all the above in nginx, ie without having to expose node + port 443 — Swaraj Giri, Jul 02 '15 at 09:46
@SwarajGiri: What's the harm with exposing node to the world? — Matt, Jul 02 '15 at 09:48
@SwarajGiri — I'm pretty sure you can't handle the final case with nginx (or anything else). — Quentin, Jul 02 '15 at 09:49
@Quentin - With nginx, you dont have the port. It would basically boil down to `http` to `https` redirection. No? — Swaraj Giri, Jul 02 '15 at 09:51
@SwarajGiri — No. The port is always there. It may or may not be entered into the URL, but that is up to the client, not the server. — Quentin, Jul 02 '15 at 09:54
@Quentin - What i meant with having nginx is that you only expose port 80 and let nginx proxy requests to node on port 443. In that scenario, case 4 of the question, would be a mere http to https redirection. — Swaraj Giri, Jul 02 '15 at 09:57
@SwarajGiri — Disabling encryption between the web server and the browser is a terrible idea. — Quentin, Jul 02 '15 at 09:59

score 3 · Answer 1 · answered Jul 02 '15 at 09:48

3

If you type my.ip.address into a browser's address bar then it will request http://my.ip.address:80. To get that to work with your SSL version you need to:

Listen for HTTP (not HTTPS) on port 80
Issue a 301 HTTP Redirect to the SSL site

If you type my.ip.address:443 into a browser, then it will request http://my.ip.address:443. This will try to make an HTTP request without setting up SSL first and get an error. There is nothing you can do about that.

answered Jul 02 '15 at 09:48

Quentin

914,110
126
1,211
1,335

Your answer was actually quite helpful. I'm now able to make all the first three urls work. Are you sure there's nothing I can do about the last one (my.ip.address:443)? – Jesse James Jul 02 '15 at 09:56
1

@JesseJames — It might be possible to write something that sniffs incoming data on port 443 and responses with HTTP or SSL depending on what it gets, but it seems like a lot of work for a really weird edge case. People aren't in the habit of explicitly putting port numbers in URLs, let alone doing what without using the scheme. – Quentin Jul 02 '15 at 10:02

score 1 · Answer 2 · answered Jul 02 '15 at 10:06

1

You can make redirects from http to https. Via nginx

https://github.com/vodolaz095/hunt/blob/master/examples/serverConfigsExamples/nginx.conf#L22-L39

  server {
    listen       80;
    server_name  example.org;
    rewrite      ^ https://$host$request_uri? permanent;
  }

Via expressjs middleware

https://github.com/vodolaz095/hunt/blob/master/examples/index.js#L133-L139

something like this:

app.use(function (request, response, next) {
  if (request.protocol === 'http') {
    response.redirect('https://yourhostname.com' + request.originalUrl);
  } else {
    next();
  }
});

answered Jul 02 '15 at 10:06

vodolaz095

6,680
4
27
42

Great answer. I was already able to do that. But what I'm really trying to do right now is to make it work when i type my.ip.address:443 (this should work and redirect me to https:// my.ip.address. – Jesse James Jul 02 '15 at 10:10
Do you mean redirect from `http://my.ip.address:443` (yes, http) to `https://my.ip.address:443` (yes, https) ? Probably you have to bind application or nginx to 2 ports - the 80 (default to http) and 443 (default to https) – vodolaz095 Jul 02 '15 at 12:09
Binding two different ports isn't going to help you deal with two different protocols coming on on *the same port* – Quentin Jul 02 '15 at 15:28

HTTPS Server in Node.js

2 Answers2