If you're running your Node.js backend locally its served using HTTP by default. In some cases it is required that your backend is served via https for integrating a service like Azure B2C or similar. This article is about how to configure express.js to serve a Node.js backend over https in local development. Let's see how this can be achieved in Node.js.
If you want to find out how this is achieved in a React app, check out this article - How to setup ssl in React, for Angular check out this article - How to setup ssl in Angular.
Using HTTPS in development
To use https locally, we have to do the following:
- Generate local Certificate Authority, and an SSL certificate
- Set the certificates when serving the Node.js backend
- Testing!
Custom SSL certificate
You have to create a local Certificate Authority, and an SSL certificate and set the SSL_CERT_FILE
and SSL_KEY_FILE
to the generated files.
Generating an SSL Certificate
As the first step, you should generate a local Certificate Authority, and an SSL certificate for Local Development.
You need a package manager to install mkcert:
- MacOS: Use Homebrew or Macports.
- Linux: Use certutil. Arch Linux only, mkcert is available on the Arch Linux repository.
- Windows: Use chocolatey.
- Install mkcert.
- Create a locally trusted CA with
mkcert -install
. - Generate an SSL certificate with
mkcert localhost
.
Set custom SSL certificate
To serve an Express.js app locally with SSL we have to update the options object - key
and cert
properties. Hence, after generating the local certificate authority and ssl certificate we have to set the key
and cert
properties to the path of the certificate and key files.
Let's look at a simple express server. The variables CERT-PATH
and KEY-PATH
are the paths to the generated files.
Create or add a project folder.
mkdir node-ssl-test
Initialize project with npm init -y
to be able to install node packages.
cd node-ssl-test
npm init -y
Install express
.
npm install express
Create an index.js
file.
touch index.js
Copy example code.
const https = require('https');
const fs = require('fs');
const express = require('express');
const app = express();
const options = {
key: fs.readFileSync(CERT_PATH),
cert: fs.readFileSync(KEY_PATH),
};
app.use((req, res, next) => {
res.send('<h1>HTTPS is working!</h1>');
});
const port = 3000;
https.createServer(options, app).listen(port, () => {
console.log('Server listening on port ' + port);
});
Now run the index.js
file with node index.js
and open a browser tab and navigate to https://localhost:3000
, you should see HTTPS works!. You can also inspect the certificate in the browser dev tools (Chrome -> Security Tab or Lock Icon).
TL;DR
- To enable HTTPS locally, local certificate authority and ssl certificate have to be created and set in the options object in the Express.js server.
Thanks for reading and if you have any questions , use the comment function or send me a message @mariokandut.
If you want to know more about Node, have a look at these Node Tutorials.
References (and Big thanks):
Top comments (0)