Reputation: 157
getting public ssl certificate for node.js server
I am running a node.js express server on my aws ac2 linux instance. I need to expose it through https to work properly with the react app that pulls data from it. I was able to generate my own ssl certificate but it will not be recognized by other users and the client app will through an error.
Could you please explain how can i get a public ssl certificate just for the node server. The server uses an ip address like xxx.xx.xx.xx:4500/endpoint. Aws seems to offer ssl but only if you pay for its load balancer and I do not want to do that.
Is there a way to verify the certificate that i generated with openssl so i can use it publicly?
Here is my basic setup:
const express = require('express');
const cors = require('cors');
const mysql = require('mysql');
const moment = require('moment');
var fs = require('fs');
const https = require('https')
const app = express();
xxx
https.createServer({key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.cert')}, app).listen(4500, () => {
console.log('Listening...')
})
Thank you in advance!
Upvotes: 0
Views: 3436
Answers (3)
Reputation: 223
OpenSSL itself is a tool to create self-signed certificates. Those certificates are never trusted by the browser.
Instead, you can use Let's Encrypt with this command:
apt install certbot
certbot certonly --standalone -d example.com
Let's Encrypt is a trusted entity, so their certificates are valid.
Your new certificates will be on a path like this:
/etc/letsencrypt/live/example.com
As others suggested, you will need one domain. You can get one free on sites like Freenom.
Upvotes: 3
Reputation: 8583
If you in a region where Amazon Certificate Manager is suported, You can get a SSL certificate for free.
https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
In order to apply ssl certificate, The easiest way is to use it on a load balancer. Check my answer to this question Apollo Server on Ubuntu 18.04 EC2 instance with HTTPS.
If you want to use the certificate directly on EC2. try the following. I haven't tried this myself. https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-export-private.html
Also i have seen people using https://letsencrypt.org/ to get certs.
Upvotes: 0
Reputation: 91
Your self-signed certificate won't be trusted by the browser.
One solution would be to get yourself a domain and then a free SSL certificate issued by Let's Encrypt. This would remove the error because Let's Encrypt certificates are trusted by all major browsers.
Another solution is to get the free plan of Cloudflare, which includes an SSL certificate. More info here.
There is the possibility to secure your IP with an SSL certificate but there are no free solutions for this.
Upvotes: 0
Related Questions
- Get public key from certificate in nodejs
- Setting up SSL with node.js
- Getting https on a Node server with ec2 instance
- Running node.js app on aws ec2 instance with https
- How to serve a nodeJS app via HTTPS on AWS EC2?
- How to download AWS certificate to use it with NodeJS
- certificate issue in nodejs https request
- Nodejs Https Certification
- AWS SSL cert for server api
- Running a simple HTTPS Node JS Server on Amazon EC2