Node的https模块

• HTTPS服务器使用HTTPS协议
• 需要证书授权
• SSL安全加密后传输
• 使用443端口

创建HTTPS服务器

• 安装OpenSSL:http://slproweb.com/products/Win32OpenSSL.html

• 生成证书

  管理员权限打开cmd

Microsoft Windows [版本 10.0.16299.125]
(c) 2017 Microsoft Corporation。保留所有权利。

C:\WINDOWS\system32>openssl genrsa -out privatekey.pem 1024
Generating RSA private key, 1024 bit long modulus
............++++++
.................................++++++
e is 65537 (0x10001)

C:\WINDOWS\system32>openssl req -new -key privatekey.pem -out certrequest.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:js
Locality Name (eg, city) []:MJ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SV
Organizational Unit Name (eg, section) []:SW
Common Name (e.g. server FQDN or YOUR name) []:localhost
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:qweasdzxc
An optional company name []:ganmu

C:\WINDOWS\system32>openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem
Signature ok
subject=/C=AU/ST=js/L=MJ/O=SV/OU=SW/CN=localhost
Getting Private key

C:\WINDOWS\system32>openssl pkcs12 -export -in certificate.pem -inkey privatekey.pem -out certificate.pfx
Enter Export Password:
Verifying - Enter Export Password:

C:\WINDOWS\system32>

https模块

var https = require('https');
var fs = require('fs');
var pk = fs.readFileSync("./certs/privatekey.pem");
var pc = fs.readFileSync("./certs/certificate.pem");

var opts = {
    key:pk,
    cert:pc
};

var server = https.createServer(opts, function(req, res) {
    console.log(req.url);
    if(req.url !== './favicon.ico') {
        res.setHeader("contentType","text/plain");
        res.write("hello");
        res.end();
    }
});

server.listen(443, "localhost", function() {
    console.log('https server is listening on 443');
});

浏览器会拦截访问，提示该访问为不安全链接，因为证书无效。

HTTPS客户端

var https = require('https');
var opts = {
    hostname:"npmjs.org",
    port:443,
    path:"/",
    method:"GET",
    agent:false
};

opts.agent = new https.Agent(opts);


var req = https.request(opts, function(res) {
    console.log(res.statusCode);
    console.log(JSON.stringify(res.headers));
    res.setEncoding('utf8');
    res.on('data', function(chunk) {
        console.log(chunk);
    });
});

req.on("error", function(err) {
    console.log(err);
})

req.on("socket", function(socket) {
    socket.setTimeout(10*1000);
    socket.on("timeout", function() {
        req.abort();
    });
})

req.end();

运行

F:\后台开发\node-server-test>node client.js
301
{
    "server":"nginx/1.12.2",
    "date":"Thu, 26 Apr 2018 16:36:16 GMT",
    "content-type":"text/html",
    "content-length":"185",
    "connection":"close",
    "location":"https://www.npmjs.com/"
}
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>

链接: http://www.fly63.com/article/detial/732