Express HTTPS response (net::ERR_INSECURE_RESPONSE)

Question

I get 'net::ERR_INSECURE_RESPONSE' (getting HTTP back) when making requests to my HTTPS API. The Express documentation seems a bit sparse on this. Maybe I'm missing somewhat about the fairly fundamental here?

I'd like to send HTTPS and respond with HTTPS

let app = express()

app.get('/climbers/:latitude/:longitude', (req, res) => {
    const loc = { latitude: req.params.latitude, longitude: req.params.longitude }
    const nearbyClimbers = climbers.filter(climber => haversine(climber, loc) < 5)

    res.json(nearbyClimbers)
})

let secureServer = https.createServer({
    key: fs.readFileSync('./ssl/server.key'),
    cert: fs.readFileSync('./ssl/server.crt'),
    ca: fs.readFileSync('./ssl/ca.crt'),
    requestCert: true,
    rejectUnauthorized: false
}, app)

score 0 · Accepted Answer · answered Sep 25 '17 at 15:23

Turns out this was returning HTTPS, I just misunderstood net::ERR_INSECURE_RESPONSE. See https://stackoverflow.com/a/25075349/1340046

I had dealt with this error for the static resources coming from another port (webpack dev server). What I didn't realize was that I'd need to confirm the ssl exception for the API separately. All I had to do was visit the API url through my browser and confirm the exception.

Another option would be to add the personal ssl certificate

Express HTTPS response (net::ERR_INSECURE_RESPONSE)

1 Answers1