Node.js returning empty response for HTTPS

Question

I have the following extremely basic Node.js server:

"use strict";

const http = require("http");
const https = require("https");
const fs = require("fs");

http.createServer((req, res) => {
        console.log("regular works");
        res.end("Regular response");
}).listen(3000);

https.createServer({
        key: fs.readFileSync("/etc/letsencrypt/live/domain.com/privkey.pem"),
        cert: fs.readFileSync("/etc/letsencrypt/live/domain.com/cert.pem")
}, (req, res) => {
        console.log("secure works");
        res.end("Secure response");
}).listen(3001);

I run this as sudo node filename.js, only because files in /etc/letsencrypt/live are root-only. I will do this properly later, this is only for testing.

When run, I can hit port 3000 just fine. The server console prints regular works, and the browser displays Regular response. However, port 3001 returns an empty response, and no message is printed to the server.

The LetsEncrypt files were generated with ./letsencrypt-auto certonly --standalone -d domain.com --email email@gmail.com --agree-tos and appear valid.

What am I missing to have the expected result?

See [How to create an HTTPS server in Node.js?](http://stackoverflow.com/questions/5998694/how-to-create-an-https-server-in-node-js). — Michał Perłakowski, Jan 19 '16 at 19:36
@Gothdo Unfortunately `server.setSecure` isn't a function anymore, and the Express guide doesn't work either - giving me the same result. — Scott, Jan 19 '16 at 19:44

mscdex · Accepted Answer · 2016-01-19T19:56:13.470

5

There are two issues here:

Assuming you're not obscuring the real hostname/IP, you should use 127.0.0.1 or similar (if you're on the same machine) instead of 255.255.255.255.
HTTP is the default for cURL, so you're currently sending a plaintext HTTP request to your HTTPS server, which is not going to work (the HTTPS server sees the literal HTTP request as an invalid TLS handshake which causes the connection to end abruptly). To remedy this, explicitly include https:// (e.g. curl -I --verbose https://127.0.0.1:3001).

edited Jan 19 '16 at 19:56

answered Jan 19 '16 at 19:51

mscdex

104,356
15
192
153

Sorry, I should have specified - I obscured the hostname in my original. I tried curl with https and have some new information. Thank you! – Scott Jan 19 '16 at 19:55
Ok, so it seems your server is working fine now then. If you're expecting to see your "Secure response" output in cURL, you won't see it with a `HEAD` request (and rightly so). Use a `GET` request instead to see the response body. – mscdex Jan 19 '16 at 19:59
I guess this all came down to how well I know curl... Thanks for your help! – Scott Jan 19 '16 at 20:00

score 4 · Answer 2 · answered Mar 13 '19 at 15:48

4

need to check that the URL contains https:// not http://

answered Mar 13 '19 at 15:48

Shimon Doodkin

4,310
34
37

Node.js returning empty response for HTTPS

2 Answers2