Friday, October 25, 2013

SSL Configuration on Node.js for Server and Client sides

My previous post discussed how to generate an RSA private key and a self-signed certificate. Those items will now be used to implement a node.js server (using express.js) and a client.

Server-side code

var fs = require('fs');
var https = require('https');
var express = require('express');

// Load the TLS key pair generated in the previous post. Both reads are
// synchronous, so a missing or unreadable file throws before anything listens.
// Keep key.pem readable only by the account that runs this process.
var credentials = {
    key: fs.readFileSync('/sslcerts/key.pem'),    // set path to your key
    cert: fs.readFileSync('/sslcerts/cert.pem')   // set path to your cert
};

// The express app acts as the request handler of the HTTPS server.
var appHttps = express();
var httpsServer = https.createServer(credentials, appHttps);

// Accept TLS connections on port 8443.
httpsServer.listen('8443');

// Skeleton for a REST interface: any GET on /ctispan/rest/key/<id> is answered
// with status 200 and a fixed body. The :id segment is not used by the handler yet.
appHttps.get('/ctispan/rest/key/:id', function handleGetKey(req, res) {
    res.send(200, 'hello world');
});



Client-side code

This is written in a classical (as in class) type format.  Javascript isn't a class-type language, but my background is in Java which is.  Hence, I tend to mold things to what I'm comfortable with (classes).

var https = require('https');
var fs = require('fs');


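/**
 * Minimal HTTPS client for the REST service.
 *
 * @param {string} host - Host name of the server.
 * @param {string|number} port - Port the server listens on.
 * @param {string} path - Base path of the REST interface; "/key/<key>" is
 *     appended to it for each request.
 */
function ClientRS(host, port, path)
{
    this.host = host;
    this.port = port;
    this.path = path;
}

/**
 * Sends GET <path>/key/<key> over HTTPS and hands the complete response body
 * to the callback.
 *
 * The status code is only logged: the callback is invoked with the body
 * whatever the status was, so callers that care must check the log or extend
 * this method.
 *
 * NOTE(review): no 'error' listener is attached to the request, so a failed
 * connection or a rejected certificate surfaces as an unhandled 'error' event.
 *
 * @param {string} key - Key to look up; it is percent-encoded into one path segment.
 * @param {function(string)=} callback - Called once with the response body.
 */
ClientRS.prototype.getValue = function(key, callback)
{
    var retVal = '';
    var options = {
        host: this.host,
        port: this.port,
        // Encode the key so "/", "?", "#" or whitespace inside it cannot change
        // which resource the request addresses.
        path: this.path + '/key/' + encodeURIComponent(key),
        // Trust anchor for the self-signed server certificate. Verification
        // stays enabled; only this certificate is accepted as an issuer.
        // `properties` is defined outside this snippet, and the file is re-read
        // synchronously on every call.
        ca: [fs.readFileSync(properties.sslHACert)],
        method: 'GET'
    };

    var req = https.request(options, function(res) {
        console.log('GET status code: ', res.statusCode);
        // Decode as UTF-8 inside the stream so a multi-byte character split
        // across two chunks is not corrupted by per-chunk string conversion.
        res.setEncoding('utf8');
        res.on('data', function(chunk) {
            retVal += chunk;
        });
        res.on('end', function() {
            // Accept a missing callback (undefined or null) without throwing.
            if (typeof callback === 'function') {
                callback(retVal);
            }
        });
    });

    req.end();
};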

* That 'ca' line is necessary for self-signed certificates.  You need to tell node that the self-signed certificate is trusted (because it shouldn't be under normal circumstances); otherwise you'll get thrown one of these beauties (which will terminate your client). Supplying the certificate through 'ca' keeps certificate verification switched on, with trust limited to that certificate:

Error: DEPTH_ZERO_SELF_SIGNED_CERT


Invoking the Client code

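// NOTE(review): a bare module name is resolved from node_modules; if the client
// file sits next to this script, './ClientRS' is the path to use. The client
// file must also export the constructor, which the listing does not show.
var ClientRS = require('ClientRS');

// Receives the complete response body once the request has finished.
// Declared with var so it does not leak into the global scope.
var callback = function(returnData) {
    console.log('in test client, returnData: ' + returnData);
};

// Host, port and base path have to match the server's settings.
var client = new ClientRS('myhost', '8443', '/ctispan/rest');

client.getValue('111', callback);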
