Express JS, working with HTTPS does not load page

Question

I want to launch my web application with https. I have created self signed key and certificate with this command:

openssl req -newkey rsa:2048 -sha256 -nodes -keyout key.key -x509 -days 365 -out public.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=my.example.com"

This created to me key.key nad public.pem files.

Now I want to assign them to my express application:

const app = express();
const https = require('https');
const http = require('http');
const fs = require('fs');

app.get('/*', (req, res) => {
        res.send("Hello");
});

const options = {
    key: fs.readFileSync(`${__dirname}/key.key`),  // Path to file with PEM private key
    cert: fs.readFileSync(`${__dirname}/public.pem`)  // Path to file with PEM certificate
};
https.createServer(options, app).listen(443);
http.createServer(app).listen(80);

When I open my my.example.com/ it successfully shows me Hello message text. Howver, when I open it like this https://my.example.com/ my browser does not open this page and shows ERR_SSL_PROTOCOL_ERROR error message.

What did I miss?

If the encoding option is specified then fs.readFileSync returns a string, otherwise it returns a buffer. So you need to specify the encoding to get the content as a string. — baao, Sep 26 '17 at 11:47
@baao I hva added encoding, still `https` not loading in my browser — Mr.D, Sep 26 '17 at 11:55

score 2 · Accepted Answer · answered Sep 26 '17 at 11:44

2

try to add the follow code, i think is what you need to open by https

var fs = require('fs');
var https = require('https');
var express = require('express');
var key  = fs.readFileSync('sslcert/server.key', 'utf8');
var cert = fs.readFileSync('sslcert/server.crt', 'utf8');

var cred = {key: key, cert: cert};
var app = express();

var serv = https.createServer(cred, app);

serv.listen(443);

I hope this works to you

answered Sep 26 '17 at 11:44

cancelajavi

151
6

even if I I have added `utf8`encoding opening `https` page is not working – Mr.D Sep 26 '17 at 11:53

score 1 · Answer 2 · answered Sep 26 '17 at 11:58

1

Probably your SSL is not correctly created.

Try:

openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out client.csr
openssl x509 -req -in client.csr -signkey key.pem -out cert.pem

answered Sep 26 '17 at 11:58

serkan

6,885
4
41
49

I have placed newly generated two `pem` files and my browser still throws me `ERR_SSL_PROTOCOL_ERROR` – Mr.D Sep 26 '17 at 12:10
2

An `ERR_SSL_PROTOCOL_ERROR` means that the browser couldn't verify the certificate that the server presented and assumed it to be fake, which it is because it's not signed by any _trusted_ third-party (it's signed by you). To circumvent this, try adding the certificate to your browser. [See this dicussion for more](https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate) – riyaz-ali Sep 26 '17 at 12:27

score 0 · Answer 3 · answered Sep 26 '17 at 12:21

I believe there is nothing wrong with your code and logic ... if you are using chrome as a browser and it gives such error it is probably because you are using a self signed certificate ...

in case of test there is a way around ... but I recommend you to buy a SSL certificate instead if you can ...

Express JS, working with HTTPS does not load page

3 Answers3