2

Is there any node modules for sailsjs framework to make ssl certificate using let's encrypt?

Daniel
  • 717
  • 6
  • 21
HEIN CHIT HLEIN
  • 21
  • 4

2 Answers2

1

There is a middleware that enables http->https redirect and also handles the ACME-validation requests from Let's Encrypt. As far as I can tell, it does not actually trigger the renewal, nor writes anything, but I believe that the ACME-scripts handle that as cron-jobs every 3 months or so, allowing you app to just validate automatically when they run. I haven't implemented this myself yet though.

I would also ask you to really consider using CloudFlare or some other SSL-termination service, as that also gives you a lot of other benefits like DDoS protection, some CDN-features etc.

Docs:@sailshq/lifejacket

Canis
  • 4,130
  • 1
  • 23
  • 27
1

As has been mentioned, you should consider the best overall solution in terms of CloudFlare or SSL-offload via nginx etc.

However, you can use greenlock-express.js for this to achieve SSL with LetsEncrypt directly within the Sails node environment.

The example below:

  1. Configures an HTTP express app using greenlock on port 80 that handles the redirects to HTTPS and the LetsEncrypt business logic.
  2. Uses the greenlock SSL configuration to configure the primary Sails app as HTTPS on port 443.

Sample configuration for config/local.js:

// returns an instance of greenlock.js with additional helper methods
var glx = require('greenlock-express').create({
  server: 'https://acme-v02.api.letsencrypt.org/directory'
  , version: 'draft-11' // Let's Encrypt v2 (ACME v2)
  , telemetry: true
  , servername: 'domainname.com'
  , configDir: '/tmp/acme/'
  , email: 'myemail@somewhere.com'
  , agreeTos: true
  , communityMember: true
  , approveDomains: [ 'domainname.com', 'www.domainname.com' ]
  , debug: true
});

// handles acme-challenge and redirects to https
require('http').createServer(glx.middleware(require('redirect-https')())).listen(80, function () {
  console.log("Listening for ACME http-01 challenges on", this.address());
});

module.exports = {
  port: 443,
  ssl: true,
  http: {
    serverOptions: glx.httpsOptions,
  },
};

Refer to the greenlock documentation for fine-tuning configuration detail, but the above gets an out-of-the-box LetsEncrypt working with Sails.

Note also, that you may wish to place this configuration in somewhere like config/env/production.js as appropriate.

Daniel
  • 717
  • 6
  • 21